· 6 years ago · Oct 22, 2019, 12:38 PM
1#######################################################################################################################################
2=======================================================================================================================================
3Hostname fortressoffaith.com ISP Liquid Web, L.L.C
4Continent North America Flag
5US
6Country United States Country Code US
7Region Michigan Local time 22 Oct 2019 06:58 EDT
8City Lansing Postal Code 48917
9IP Address 72.52.244.17 Latitude 42.735
10 Longitude -84.625
11======================================================================================================================================
12#######################################################################################################################################
13> fortressoffaith.com
14Server: 185.93.180.131
15Address: 185.93.180.131#53
16
17Non-authoritative answer:
18Name: fortressoffaith.com
19Address: 72.52.244.17
20>
21#######################################################################################################################################
22 Domain Name: FORTRESSOFFAITH.COM
23 Registry Domain ID: 1555724340_DOMAIN_COM-VRSN
24 Registrar WHOIS Server: whois.domaindiscover.com
25 Registrar URL: http://www.domaindiscover.com
26 Updated Date: 2017-09-10T17:28:57Z
27 Creation Date: 2009-05-14T22:06:41Z
28 Registry Expiry Date: 2024-05-14T22:06:41Z
29 Registrar: TierraNet Inc. d/b/a DomainDiscover
30 Registrar IANA ID: 86
31 Registrar Abuse Contact Email: abuse@tierra.net
32 Registrar Abuse Contact Phone: 858-560-9416
33 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
34 Name Server: NS1.BIGHORNHOSTING.COM
35 Name Server: NS2.BIGHORNHOSTING.COM
36 DNSSEC: unsigned
37#######################################################################################################################################
38Domain Name: FORTRESSOFFAITH.COM
39Registry Domain ID:
40Registrar WHOIS Server: whois.domaindiscover.com
41Registrar URL: https://www.tierra.net
42Updated Date: 2017-09-10T10:28:20Z
43Creation Date: 2009-05-14T15:06:40Z
44Registrar Registration Expiration Date: 2024-05-14T14:06:41Z
45Registrar: TIERRANET INC. DBA DOMAINDISCOVER
46Registrar IANA ID: 86
47Registrar Abuse Contact Email: icann-abuse-reports@tierra.net
48Registrar Abuse Contact Phone: +1.6193932105
49Reseller:
50Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
51Registry Registrant ID:
52Registrant Name: Tom Wallace
53Registrant Organization: Fortress of Faith
54Registrant Street: PO Box 30485
55Registrant City: Bellingham
56Registrant State/Province: WA
57Registrant Postal Code: 98228
58Registrant Country: US
59Registrant Phone: +1.3608205904
60Registrant Phone Ext:
61Registrant Fax:
62Registrant Fax Ext:
63Registrant Email: tomwallace66@gmail.com
64Registry Admin ID:
65Admin Name: Tom Wallace
66Admin Organization: Fortress of Faith
67Admin Street: PO Box 30485
68Admin City: Bellingham
69Admin State/Province: WA
70Admin Postal Code: 98228
71Admin Country: US
72Admin Phone: +1.3608205904
73Admin Phone Ext:
74Admin Fax:
75Admin Fax Ext:
76Admin Email: tomwallace66@gmail.com
77Registry Tech ID:
78Tech Name: Tom Wallace
79Tech Organization: Fortress of Faith
80Tech Street: PO Box 30485
81Tech City: Bellingham
82Tech State/Province: WA
83Tech Postal Code: 98228
84Tech Country: US
85Tech Phone: +1.3608205904
86Tech Phone Ext:
87Tech Fax:
88Tech Fax Ext:
89Tech Email: tomwallace66@gmail.com
90Name Server: NS1.BIGHORNHOSTING.COM
91Name Server: NS2.BIGHORNHOSTING.COM
92DNSSEC:
93#######################################################################################################################################
94[+] Target : fortressoffaith.com
95
96[+] IP Address : 72.52.244.17
97
98[+] Headers :
99
100[+] Connection : Keep-Alive
101[+] X-Powered-By : PHP/7.0.33
102[+] Access-Control-Allow-Origin : *
103[+] Expires : Thu, 19 Nov 1981 08:52:00 GMT
104[+] Cache-Control : no-store, no-cache, must-revalidate
105[+] Pragma : no-cache
106[+] Content-Type : text/html; charset=UTF-8
107[+] X-UA-Compatible : IE=edge
108[+] Link : <https://fortressoffaith.com/wp-json/>; rel="https://api.w.org/", <https://fortressoffaith.com/>; rel=shortlink
109[+] Etag : "7781-1571145912;gz"
110[+] X-LiteSpeed-Cache : hit
111[+] Transfer-Encoding : chunked
112[+] Content-Encoding : gzip
113[+] Vary : Accept-Encoding
114[+] Date : Tue, 22 Oct 2019 11:09:22 GMT
115[+] Server : LiteSpeed
116[+] Alt-Svc : quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
117
118[+] SSL Certificate Information :
119
120[+] commonName : fortressoffaith.com
121[+] countryName : US
122[+] organizationName : Let's Encrypt
123[+] commonName : Let's Encrypt Authority X3
124[+] Version : 3
125[+] Serial Number : 0314BCBEF273AA2570B41FF74FF4483AB90A
126[+] Not Before : Sep 16 02:16:18 2019 GMT
127[+] Not After : Dec 15 02:16:18 2019 GMT
128[+] OCSP : ('http://ocsp.int-x3.letsencrypt.org',)
129[+] subject Alt Name : (('DNS', 'cpanel.fortressoffaith.com'), ('DNS', 'fortressoffaith.com'), ('DNS', 'mail.fortressoffaith.com'), ('DNS', 'webdisk.fortressoffaith.com'), ('DNS', 'webmail.fortressoffaith.com'), ('DNS', 'www.fortressoffaith.com'))
130[+] CA Issuers : ('http://cert.int-x3.letsencrypt.org/',)
131
132[+] Whois Lookup :
133
134[+] NIR : None
135[+] ASN Registry : arin
136[+] ASN : 32244
137[+] ASN CIDR : 72.52.128.0/17
138[+] ASN Country Code : US
139[+] ASN Date : 2006-08-03
140[+] ASN Description : LIQUIDWEB - Liquid Web, L.L.C, US
141[+] cidr : 72.52.128.0/17
142[+] name : LIQUIDWEB
143[+] handle : NET-72-52-128-0-1
144[+] range : 72.52.128.0 - 72.52.255.255
145[+] description : Liquid Web, L.L.C
146[+] country : US
147[+] state : MI
148[+] city : Lansing
149[+] address : 4210 Creyts Rd.
150[+] postal_code : 48917
151[+] emails : ['abuse@liquidweb.com', 'ipadmin@liquidweb.com']
152[+] created : 2006-08-03
153[+] updated : 2016-12-19
154
155[+] Crawling Target...
156
157[+] Looking for robots.txt........[ Found ]
158[+] Extracting robots Links.......[ 2 ]
159[+] Looking for sitemap.xml.......[ Not Found ]
160[+] Extracting CSS Links..........[ 18 ]
161[+] Extracting Javascript Links...[ 17 ]
162[+] Extracting Internal Links.....[ 20 ]
163[+] Extracting External Links.....[ 6 ]
164[+] Extracting Images.............[ 11 ]
165
166[+] Total Links Extracted : 74
167
168[+] Dumping Links in /opt/FinalRecon/dumps/fortressoffaith.com.dump
169[+] Completed!
170#######################################################################################################################################
171[+] Starting At 2019-10-22 07:11:48.884536
172[+] Collecting Information On: https://fortressoffaith.com/
173[#] Status: 200
174--------------------------------------------------
175[#] Web Server Detected: LiteSpeed
176[#] X-Powered-By: PHP/7.0.33
177[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
178[+] CORS Wildcard Detected !
179- Connection: Keep-Alive
180- X-Powered-By: PHP/7.0.33
181- Access-Control-Allow-Origin: *
182- Expires: Thu, 19 Nov 1981 08:52:00 GMT
183- Cache-Control: no-store, no-cache, must-revalidate
184- Pragma: no-cache
185- Content-Type: text/html; charset=UTF-8
186- X-UA-Compatible: IE=edge
187- Link: <https://fortressoffaith.com/wp-json/>; rel="https://api.w.org/", <https://fortressoffaith.com/>; rel=shortlink
188- Etag: "7781-1571145912;gz"
189- X-LiteSpeed-Cache: hit
190- Transfer-Encoding: chunked
191- Content-Encoding: gzip
192- Vary: Accept-Encoding
193- Date: Tue, 22 Oct 2019 11:11:49 GMT
194- Server: LiteSpeed
195- Alt-Svc: quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
196--------------------------------------------------
197[#] Finding Location..!
198[#] status: success
199[#] country: United States
200[#] countryCode: US
201[#] region: MI
202[#] regionName: Michigan
203[#] city: Lansing
204[#] zip: 48917
205[#] lat: 42.6898
206[#] lon: -84.6427
207[#] timezone: America/Detroit
208[#] isp: Liquid Web, L.L.C
209[#] org: SourceDNS
210[#] as: AS32244 Liquid Web, L.L.C
211[#] query: 72.52.244.17
212--------------------------------------------------
213[x] Didn't Detect WAF Presence on: https://fortressoffaith.com/
214--------------------------------------------------
215[#] Starting Reverse DNS
216[-] Failed ! Fail
217--------------------------------------------------
218[!] Scanning Open Port
219[#] 21/tcp open ftp
220[#] 53/tcp open domain
221[#] 80/tcp open http
222[#] 110/tcp open pop3
223[#] 143/tcp open imap
224[#] 443/tcp open https
225[#] 465/tcp open smtps
226[#] 587/tcp open submission
227[#] 993/tcp open imaps
228[#] 995/tcp open pop3s
229[#] 2200/tcp open ici
230[#] 3306/tcp open mysql
231--------------------------------------------------
232[+] Collecting Information Disclosure!
233[#] Detecting sitemap.xml file
234[-] sitemap.xml file not Found!?
235[#] Detecting robots.txt file
236[!] robots.txt File Found: https://fortressoffaith.com//robots.txt
237[#] Detecting GNU Mailman
238[!] GNU Mailman App Detected: https://fortressoffaith.com//mailman/admin
239[!] version: 2.1.27
240--------------------------------------------------
241[+] Crawling Url Parameter On: https://fortressoffaith.com/
242--------------------------------------------------
243[#] Searching Html Form !
244[-] No Html Form Found!?
245--------------------------------------------------
246[!] Found 3 dom parameter
247[#] https://fortressoffaith.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Ffortressoffaith.com%2F&format=xml
248[#] https://fortressoffaith.com//#content
249[#] https://crm.fundly.com/6609/Pages/fundraising/#/5
250--------------------------------------------------
251[!] 3 Internal Dynamic Parameter Discovered
252[+] https://fortressoffaith.com/xmlrpc.php?rsd
253[+] https://fortressoffaith.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Ffortressoffaith.com%2F
254[+] https://fortressoffaith.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Ffortressoffaith.com%2F&format=xml
255--------------------------------------------------
256[!] 1 External Dynamic Parameter Discovered
257[#] https://play.google.com/store/apps/details?id=com.mobincube.fortress_of_faith.sc_DWXU1A
258--------------------------------------------------
259[!] 32 Internal links Discovered
260[+] https://fortressoffaith.com/feed/
261[+] https://fortressoffaith.com/wp-includes/wlwmanifest.xml
262[+] https://fortressoffaith.com/
263[+] https://fortressoffaith.com/
264[+] https://fortressoffaith.com/
265[+] https://fortressoffaith.com/contact/
266[+] https://fortressoffaith.com/terms-conditions/
267[+] https://fortressoffaith.com/privacy-policy/
268[+] https://fortressoffaith.com/study/
269[+] https://fortressoffaith.com/daily-articles-2/
270[+] https://fortressoffaith.com/articles-by-category/
271[+] https://fortressoffaith.com/radio-2/
272[+] https://fortressoffaith.com/radio-2/
273[+] https://fortressoffaith.com/islam-the-religion/
274[+] https://fortressoffaith.com/islam-terrorism/
275[+] https://fortressoffaith.com/islam-in-proficy/
276[+] https://fortressoffaith.com/in-the-news/
277[+] https://fortressoffaith.com/muslims-the-people/
278[+] https://fortressoffaith.com/evangelizing-muslims/
279[+] https://fortressoffaith.com/apologetic-responses/
280[+] https://fortressoffaith.com/other-issues/
281[+] https://fortressoffaith.com/when-muslims-play-the-race-card/
282[+] https://fortressoffaith.com/when-muslims-play-the-race-card/
283[+] https://fortressoffaith.com/elementor-11586/
284[+] https://fortressoffaith.com/elementor-11586/
285[+] https://fortressoffaith.com/islam-and-pedophilia/
286[+] https://fortressoffaith.com/islam-and-pedophilia/
287[+] https://fortressoffaith.com/newsletter-subscribe/
288[+] https://fortressoffaith.com//" class=
289[+] https://fortressoffaith.com//" class=
290[+] https://fortressoffaith.com//" class=
291[+] https://fortressoffaith.com//" class=
292--------------------------------------------------
293[!] 4 External links Discovered
294[#] https://gmpg.org/xfn/11
295[#] https://crm.fundly.com/6609/Pages/fundraising/#/5
296[#] http://fortressoffaith.sermon.net/rss/main/audio
297[#] http://www.fortressoffaith.org/
298--------------------------------------------------
299[#] Mapping Subdomain..
300[!] Found 3 Subdomain
301- webdisk.fortressoffaith.com
302- cpanel.fortressoffaith.com
303- webmail.fortressoffaith.com
304--------------------------------------------------
305[!] Done At 2019-10-22 07:12:21.575711
306#######################################################################################################################################
307[i] Scanning Site: https://fortressoffaith.com
308
309
310
311B A S I C I N F O
312====================
313
314
315[+] Site Title: Fortress of Faith – Refuting Islam
316[+] IP address: 72.52.244.17
317[+] Web Server: LiteSpeed
318[+] CMS: WordPress
319[+] Cloudflare: Not Detected
320[+] Robots File: Found
321
322-------------[ contents ]----------------
323User-agent: *
324Disallow: /wp-admin/
325Allow: /wp-admin/admin-ajax.php
326
327-----------[end of contents]-------------
328
329
330
331W H O I S L O O K U P
332========================
333
334 Domain Name: FORTRESSOFFAITH.COM
335 Registry Domain ID: 1555724340_DOMAIN_COM-VRSN
336 Registrar WHOIS Server: whois.domaindiscover.com
337 Registrar URL: http://www.domaindiscover.com
338 Updated Date: 2017-09-10T17:28:57Z
339 Creation Date: 2009-05-14T22:06:41Z
340 Registry Expiry Date: 2024-05-14T22:06:41Z
341 Registrar: TierraNet Inc. d/b/a DomainDiscover
342 Registrar IANA ID: 86
343 Registrar Abuse Contact Email: abuse@tierra.net
344 Registrar Abuse Contact Phone: 858-560-9416
345 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
346 Name Server: NS1.BIGHORNHOSTING.COM
347 Name Server: NS2.BIGHORNHOSTING.COM
348 DNSSEC: unsigned
349 URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
350>>> Last update of whois database: 2019-10-22T11:12:52Z <<<
351
352For more information on Whois status codes, please visit https://icann.org/epp
353
354
355
356The Registry database contains ONLY .COM, .NET, .EDU domains and
357Registrars.
358
359
360
361
362G E O I P L O O K U P
363=========================
364
365[i] IP Address: 72.52.244.17
366[i] Country: United States
367[i] State: Michigan
368[i] City: Lansing
369[i] Latitude: 42.7348
370[i] Longitude: -84.6245
371
372
373
374
375H T T P H E A D E R S
376=======================
377
378
379[i] HTTP/1.0 200 OK
380[i] Connection: close
381[i] X-Powered-By: PHP/7.0.33
382[i] Access-Control-Allow-Origin: *
383[i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
384[i] Cache-Control: no-store, no-cache, must-revalidate
385[i] Pragma: no-cache
386[i] Content-Type: text/html; charset=UTF-8
387[i] X-UA-Compatible: IE=edge
388[i] Link: <https://fortressoffaith.com/wp-json/>; rel="https://api.w.org/"
389[i] Link: <https://fortressoffaith.com/>; rel=shortlink
390[i] Etag: "7781-1571145912;;;"
391[i] X-LiteSpeed-Cache: hit
392[i] Date: Tue, 22 Oct 2019 11:13:07 GMT
393[i] Server: LiteSpeed
394
395
396
397
398D N S L O O K U P
399===================
400
401fortressoffaith.com. 14399 IN TXT "v=spf1 +a +mx +ip4:72.52.144.226 ~all"
402fortressoffaith.com. 21599 IN SOA ns1.bighornhosting.com. pierre.bighornhost.net. 2017071303 3600 7200 1209600 86400
403fortressoffaith.com. 21599 IN NS ns2.bighornhosting.com.
404fortressoffaith.com. 21599 IN NS ns1.bighornhosting.com.
405fortressoffaith.com. 14399 IN A 72.52.244.17
406fortressoffaith.com. 14399 IN MX 0 fortressoffaith.com.
407
408
409
410
411S U B N E T C A L C U L A T I O N
412====================================
413
414Address = 72.52.244.17
415Network = 72.52.244.17 / 32
416Netmask = 255.255.255.255
417Broadcast = not needed on Point-to-Point links
418Wildcard Mask = 0.0.0.0
419Hosts Bits = 0
420Max. Hosts = 1 (2^0 - 0)
421Host Range = { 72.52.244.17 - 72.52.244.17 }
422
423
424
425N M A P P O R T S C A N
426============================
427
428Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-22 11:13 UTC
429Nmap scan report for fortressoffaith.com (72.52.244.17)
430Host is up (0.028s latency).
431rDNS record for 72.52.244.17: andrew.uswebhost.com
432
433PORT STATE SERVICE
43421/tcp open ftp
43522/tcp closed ssh
43623/tcp filtered telnet
43780/tcp open http
438110/tcp open pop3
439143/tcp open imap
440443/tcp open https
4413389/tcp filtered ms-wbt-server
442
443Nmap done: 1 IP address (1 host up) scanned in 1.28 seconds
444
445
446
447S U B - D O M A I N F I N D E R
448==================================
449
450
451[i] Total Subdomains Found : 2
452
453[+] Subdomain: cpanel.fortressoffaith.com
454[-] IP: 72.52.244.17
455
456[+] Subdomain: webmail.fortressoffaith.com
457[-] IP: 72.52.244.17
458#######################################################################################################################################
459Trying "fortressoffaith.com"
460;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18658
461;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 2, ADDITIONAL: 3
462
463;; QUESTION SECTION:
464;fortressoffaith.com. IN ANY
465
466;; ANSWER SECTION:
467fortressoffaith.com. 14400 IN MX 0 fortressoffaith.com.
468fortressoffaith.com. 14400 IN A 72.52.244.17
469fortressoffaith.com. 43200 IN SOA ns1.bighornhosting.com. pierre.bighornhost.net. 2017071303 3600 7200 1209600 86400
470fortressoffaith.com. 14400 IN TXT "v=spf1 +a +mx +ip4:72.52.144.226 ~all"
471fortressoffaith.com. 43200 IN NS ns2.bighornhosting.com.
472fortressoffaith.com. 43200 IN NS ns1.bighornhosting.com.
473
474;; AUTHORITY SECTION:
475fortressoffaith.com. 43200 IN NS ns2.bighornhosting.com.
476fortressoffaith.com. 43200 IN NS ns1.bighornhosting.com.
477
478;; ADDITIONAL SECTION:
479fortressoffaith.com. 14400 IN A 72.52.244.17
480ns2.bighornhosting.com. 43200 IN A 72.52.244.68
481ns1.bighornhosting.com. 43200 IN A 72.52.144.226
482
483Received 304 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 88 ms
484######################################################################################################################################
485; <<>> DiG 9.11.5-P4-5.1+b1-Debian <<>> +trace fortressoffaith.com
486;; global options: +cmd
487. 82914 IN NS j.root-servers.net.
488. 82914 IN NS f.root-servers.net.
489. 82914 IN NS k.root-servers.net.
490. 82914 IN NS h.root-servers.net.
491. 82914 IN NS d.root-servers.net.
492. 82914 IN NS c.root-servers.net.
493. 82914 IN NS e.root-servers.net.
494. 82914 IN NS m.root-servers.net.
495. 82914 IN NS g.root-servers.net.
496. 82914 IN NS l.root-servers.net.
497. 82914 IN NS i.root-servers.net.
498. 82914 IN NS b.root-servers.net.
499. 82914 IN NS a.root-servers.net.
500. 82914 IN RRSIG NS 8 0 518400 20191104050000 20191022040000 22545 . V7L2dB4F79xO9lx8hztPB86SYLY35tcInKqSk8aLbD8fvpqah4DWHoDe 2xbqt74EJPvBDnnxjmyB4tREMvAE2pcJYRcXgEXojn3yhrQSsQ3jFs5F PjYgRw0D2xB2yHw8rQ4l16CD7aEVgG+FefFGqt3W+daAM1PO+IYKW0wG ZlUdJNJSe51nOWemZldGoqlKha/wznCidzCCANqSG6ZPNuvTOgIFhRZB drsNOA4MFLWYNYyQpPWFiqtgkB5nZx3ACgXg/VY6Jy/blXbeM75bse+V 1878EtXXH4TdBRmzNhEyyy6uJa9iO9OjpIn2SDrdVRzSlWOKvOH+Pw8i KLe1JA==
501;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 107 ms
502
503com. 172800 IN NS a.gtld-servers.net.
504com. 172800 IN NS b.gtld-servers.net.
505com. 172800 IN NS c.gtld-servers.net.
506com. 172800 IN NS d.gtld-servers.net.
507com. 172800 IN NS e.gtld-servers.net.
508com. 172800 IN NS f.gtld-servers.net.
509com. 172800 IN NS g.gtld-servers.net.
510com. 172800 IN NS h.gtld-servers.net.
511com. 172800 IN NS i.gtld-servers.net.
512com. 172800 IN NS j.gtld-servers.net.
513com. 172800 IN NS k.gtld-servers.net.
514com. 172800 IN NS l.gtld-servers.net.
515com. 172800 IN NS m.gtld-servers.net.
516com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
517com. 86400 IN RRSIG DS 8 1 86400 20191104050000 20191022040000 22545 . CPiZLu+5g2FPKEBREYZ3/y+dZsCiKF/jITgwc8/o4Qfj86LICQpXSO+D q9ePdIb+eIyR4VP0b5P58/c3QfEd+AkHbzRc59yPvptWoz8kTrffpWQU yY2Nz1WNkg6A1g1YhFFRkgr4gaUvWeMIWD10wB2gEqbxk/ZfVW3BNw3J BzQ6fu9EPG1sd2FopWsqCM285+ASZEUsCuJmGu+Q+yq6CaD/03g/suQE +gWd3debwSwxxOGYd0t2bFWGPZZYzhrfoXsbULy2iYlkrdlJJM0akfzU z8+XGGVA6LvANBExB6lFXR7zBE3gQukDGO6KNfSWwx3LoQH0W6EQLURq z3TVNg==
518;; Received 1179 bytes from 2001:500:2d::d#53(d.root-servers.net) in 24 ms
519
520fortressoffaith.com. 172800 IN NS ns1.bighornhosting.com.
521fortressoffaith.com. 172800 IN NS ns2.bighornhosting.com.
522CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
523CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20191026044727 20191019033727 12163 com. L8X10nb9SRkzwcSf3SNTRa/24YQW0ay6SOzHltG4lknjnQgtMbu0/N3s LQH9wqc0SLy+qN+AYBKC8MtLicMWvYcx/SGRVlvfdgwcAR7wU7qxtJ8T vlfETNOWMGMwkPu//+yaJfWziWFnoLqnNeDcvlqnF0J3z0Ur89Bpb/NT Wng/L/BRj46mgZmQjllYzPHkR0cPAxYoFrLSCpal170H+g==
524FOGN3I94H2A9UGV5GFGT14N1QSTKOIUM.com. 86400 IN NSEC3 1 1 0 - FOGOAI8781JFAU7MD4IU4EB1VVESAI23 NS DS RRSIG
525FOGN3I94H2A9UGV5GFGT14N1QSTKOIUM.com. 86400 IN RRSIG NSEC3 8 2 86400 20191026052133 20191019041133 12163 com. lUrL25dru63cxGOk+vq82XgBUfPzLKjG4TgbL8GBYzu9azyvKT+gNLcm PUhd2X0c+TEtsMYV06L2EWIhAuj33N6rCHMGMNdn30oDk3Ds6WUSHZBw Pj+6ufMybBfqP8p/8UF/WrbcZjQsU/ix/F6vTY8H3HOtjqURILZifx6n dicy432cu5H4zeGX8eW5LXbUr5ToCOH5tMg5Mvo+/g1vgg==
526;; Received 680 bytes from 2001:500:856e::30#53(d.gtld-servers.net) in 54 ms
527
528fortressoffaith.com. 14400 IN A 72.52.244.17
529fortressoffaith.com. 86400 IN NS ns2.bighornhosting.com.
530fortressoffaith.com. 86400 IN NS ns1.bighornhosting.com.
531;; Received 175 bytes from 72.52.144.226#53(ns1.bighornhosting.com) in 325 ms
532######################################################################################################################################
533[*] Performing General Enumeration of Domain: fortressoffaith.com
534[-] DNSSEC is not configured for fortressoffaith.com
535[*] SOA ns1.bighornhosting.com 72.52.144.226
536[*] NS ns2.bighornhosting.com 72.52.244.68
537[*] Bind Version for 72.52.244.68 9.11.4-P2-RedHat-9.11.4-9.P2.el7
538[*] NS ns1.bighornhosting.com 72.52.144.226
539[*] Bind Version for 72.52.144.226 9.11.4-P2-RedHat-9.11.4-9.P2.el7
540[*] MX fortressoffaith.com 72.52.244.17
541[*] A fortressoffaith.com 72.52.244.17
542[*] TXT fortressoffaith.com v=spf1 +a +mx +ip4:72.52.144.226 ~all
543[*] Enumerating SRV Records
544[-] No SRV Records Found for fortressoffaith.com
545[+] 0 Records Found
546######################################################################################################################################
547[*] Processing domain fortressoffaith.com
548[*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
549[+] Getting nameservers
55072.52.244.68 - ns2.bighornhosting.com
55172.52.144.226 - ns1.bighornhosting.com
552[-] Zone transfer failed
553
554[+] TXT records found
555"v=spf1 +a +mx +ip4:72.52.144.226 ~all"
556
557[+] MX records found, added to target list
5580 fortressoffaith.com.
559
560[*] Scanning fortressoffaith.com for A records
56172.52.244.17 - fortressoffaith.com
56272.52.244.17 - cpanel.fortressoffaith.com
56372.52.144.226 - ftp.fortressoffaith.com
56472.52.244.17 - mail.fortressoffaith.com
56572.52.244.17 - webdisk.fortressoffaith.com
56672.52.244.17 - webmail.fortressoffaith.com
56772.52.244.17 - whm.fortressoffaith.com
56872.52.244.17 - www.fortressoffaith.com
569#######################################################################################################################################
570
571Domains still to check: 1
572 Checking if the hostname fortressoffaith.com. given is in fact a domain...
573
574Analyzing domain: fortressoffaith.com.
575 Checking NameServers using system default resolver...
576 IP: 72.52.244.68 (United States)
577 HostName: ns2.bighornhosting.com Type: NS
578 HostName: andrew.uswebhost.com Type: PTR
579 IP: 72.52.144.226 (United States)
580 HostName: ns1.bighornhosting.com Type: NS
581 HostName: andrew.uswebhost.com Type: PTR
582
583 Checking MailServers using system default resolver...
584 IP: 72.52.244.17 (United States)
585 HostName: fortressoffaith.com Type: MX
586 HostName: andrew.uswebhost.com Type: PTR
587
588 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
589 No zone transfer found on nameserver 72.52.144.226
590 No zone transfer found on nameserver 72.52.244.68
591
592 Checking SPF record...
593
594 Checking 192 most common hostnames using system default resolver...
595 IP: 72.52.244.17 (United States)
596 HostName: fortressoffaith.com Type: MX
597 HostName: andrew.uswebhost.com Type: PTR
598 HostName: www.fortressoffaith.com. Type: A
599 IP: 72.52.144.226 (United States)
600 HostName: ns1.bighornhosting.com Type: NS
601 HostName: andrew.uswebhost.com Type: PTR
602 Type: SPF
603 HostName: ftp.fortressoffaith.com. Type: A
604 IP: 72.52.244.17 (United States)
605 HostName: fortressoffaith.com Type: MX
606 HostName: andrew.uswebhost.com Type: PTR
607 HostName: www.fortressoffaith.com. Type: A
608 HostName: mail.fortressoffaith.com. Type: A
609 IP: 72.52.244.17 (United States)
610 HostName: fortressoffaith.com Type: MX
611 HostName: andrew.uswebhost.com Type: PTR
612 HostName: www.fortressoffaith.com. Type: A
613 HostName: mail.fortressoffaith.com. Type: A
614 HostName: webmail.fortressoffaith.com. Type: A
615
616 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
617 Checking netblock 72.52.144.0
618 Checking netblock 72.52.244.0
619
620 Searching for fortressoffaith.com. emails in Google
621
622 Checking 3 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
623 Host 72.52.144.226 is up (echo-reply ttl 56)
624 Host 72.52.244.68 is up (reset ttl 64)
625 Host 72.52.244.17 is up (reset ttl 64)
626
627 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
628 Scanning ip 72.52.144.226 (ftp.fortressoffaith.com.):
629NSOCK ERROR [56.2870s] mksock_bind_addr(): Bind to 0.0.0.0:22 failed (IOD #121): Address already in use (98)
630 21/tcp open ftp syn-ack ttl 56 Pure-FTPd
631 | ssl-cert: Subject: commonName=andrew.uswebhost.com
632 | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
633 | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
634 | Public Key type: rsa
635 | Public Key bits: 2048
636 | Signature Algorithm: sha256WithRSAEncryption
637 | Not valid before: 2019-04-22T00:00:00
638 | Not valid after: 2020-04-21T23:59:59
639 | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
640 |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
641 |_ssl-date: TLS randomness does not represent time
642 53/tcp open domain syn-ack ttl 56 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
643 | dns-nsid:
644 |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
645 80/tcp open http syn-ack ttl 56 LiteSpeed httpd
646 | http-methods:
647 |_ Supported Methods: OPTIONS HEAD GET POST
648 |_http-server-header: LiteSpeed
649 |_http-title: Site doesn't have a title (text/html).
650 110/tcp open pop3 syn-ack ttl 56 Dovecot pop3d
651 |_pop3-capabilities: USER PIPELINING CAPA RESP-CODES TOP SASL(PLAIN LOGIN) STLS AUTH-RESP-CODE UIDL
652 |_ssl-date: TLS randomness does not represent time
653 143/tcp open imap syn-ack ttl 56 Dovecot imapd
654 |_imap-capabilities: STARTTLS AUTH=PLAIN SASL-IR NAMESPACE capabilities IMAP4rev1 post-login Pre-login more have ID AUTH=LOGINA0001 listed IDLE ENABLE LOGIN-REFERRALS LITERAL+ OK
655 |_ssl-date: TLS randomness does not represent time
656 443/tcp open ssl/http syn-ack ttl 56 LiteSpeed httpd
657 | http-methods:
658 |_ Supported Methods: OPTIONS HEAD GET POST
659 |_http-server-header: LiteSpeed
660 |_http-title: Site doesn't have a title (text/html).
661 | ssl-cert: Subject: commonName=andrew.uswebhost.com
662 | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
663 | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
664 | Public Key type: rsa
665 | Public Key bits: 2048
666 | Signature Algorithm: sha256WithRSAEncryption
667 | Not valid before: 2017-06-09T00:00:00
668 | Not valid after: 2018-06-09T23:59:59
669 | MD5: 8e4f acd9 49e8 1ce2 6852 8d9d e6af a499
670 |_SHA-1: 25ae d633 8140 a626 8fa9 c672 a9aa 164a 3cd3 1156
671 |_ssl-date: 2019-10-22T11:31:31+00:00; -1s from scanner time.
672 | tls-alpn:
673 | h2
674 | spdy/3
675 | spdy/2
676 |_ http/1.1
677 465/tcp open ssl/smtp syn-ack ttl 56 Exim smtpd 4.92
678 |_smtp-commands: Couldn't establish connection on port 465
679 | ssl-cert: Subject: commonName=andrew.uswebhost.com
680 | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
681 | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
682 | Public Key type: rsa
683 | Public Key bits: 2048
684 | Signature Algorithm: sha256WithRSAEncryption
685 | Not valid before: 2019-04-22T00:00:00
686 | Not valid after: 2020-04-21T23:59:59
687 | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
688 |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
689 |_ssl-date: TLS randomness does not represent time
690 587/tcp open smtp syn-ack ttl 56 Exim smtpd 4.92
691 | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, STARTTLS, HELP,
692 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
693 | ssl-cert: Subject: commonName=andrew.uswebhost.com
694 | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
695 | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
696 | Public Key type: rsa
697 | Public Key bits: 2048
698 | Signature Algorithm: sha256WithRSAEncryption
699 | Not valid before: 2019-04-22T00:00:00
700 | Not valid after: 2020-04-21T23:59:59
701 | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
702 |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
703 |_ssl-date: TLS randomness does not represent time
704 993/tcp open ssl/imaps? syn-ack ttl 56
705 |_ssl-date: TLS randomness does not represent time
706 995/tcp open ssl/pop3s? syn-ack ttl 56
707 |_ssl-date: TLS randomness does not represent time
708 3306/tcp open mysql syn-ack ttl 56 MySQL 5.5.5-10.2.27-MariaDB-cll-lve
709 | mysql-info:
710 | Protocol: 10
711 | Version: 5.5.5-10.2.27-MariaDB-cll-lve
712 | Thread ID: 57087
713 | Capabilities flags: 63486
714 | Some Capabilities: LongColumnFlag, ODBCClient, ConnectWithDatabase, FoundRows, Speaks41ProtocolOld, SupportsTransactions, IgnoreSigpipes, InteractiveClient, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, DontAllowDatabaseTableColumn, SupportsCompression, SupportsLoadDataLocal, Support41Auth, SupportsMultipleStatments, SupportsMultipleResults, SupportsAuthPlugins
715 | Status: Autocommit
716 | Salt: fUY?k#ga/e1b{fkgBT`f
717 |_ Auth Plugin Name: mysql_native_password
718 Device type: general purpose|WAP|storage-misc|firewall|proxy server|broadband router
719 Running (JUST GUESSING): FreeBSD 6.X (92%), Linux 3.X|4.X|2.6.X (88%), Dell embedded (85%), Cisco embedded (85%), Riverbed embedded (85%), Zhone embedded (85%)
720 OS Info: Service Info: Host: andrew.uswebhost.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
721 |_clock-skew: -1s
722 Scanning ip 72.52.244.68 (andrew.uswebhost.com (PTR)):
723 21/tcp open ftp syn-ack ttl 56 Pure-FTPd
724 | ssl-cert: Subject: commonName=andrew.uswebhost.com
725 | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
726 | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
727 | Public Key type: rsa
728 | Public Key bits: 2048
729 | Signature Algorithm: sha256WithRSAEncryption
730 | Not valid before: 2019-04-22T00:00:00
731 | Not valid after: 2020-04-21T23:59:59
732 | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
733 |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
734 |_ssl-date: TLS randomness does not represent time
735 53/tcp open domain syn-ack ttl 56 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
736 | dns-nsid:
737 |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
738 80/tcp open http syn-ack ttl 56 LiteSpeed httpd
739 | http-methods:
740 |_ Supported Methods: OPTIONS HEAD GET POST
741 |_http-server-header: LiteSpeed
742 |_http-title: Site doesn't have a title (text/html).
743 110/tcp open pop3 syn-ack ttl 56 Dovecot pop3d
744 |_pop3-capabilities: STLS AUTH-RESP-CODE TOP PIPELINING UIDL USER RESP-CODES CAPA SASL(PLAIN LOGIN)
745 |_ssl-date: TLS randomness does not represent time
746 143/tcp open imap syn-ack ttl 56 Dovecot imapd
747 |_imap-capabilities: ID LITERAL+ listed IMAP4rev1 IDLE NAMESPACE LOGIN-REFERRALS post-login Pre-login OK ENABLE have more capabilities STARTTLS SASL-IR AUTH=LOGINA0001 AUTH=PLAIN
748 |_ssl-date: TLS randomness does not represent time
749 443/tcp open ssl/http syn-ack ttl 56 LiteSpeed httpd
750 | http-methods:
751 |_ Supported Methods: OPTIONS HEAD GET POST
752 |_http-server-header: LiteSpeed
753 |_http-title: Site doesn't have a title (text/html).
754 | ssl-cert: Subject: commonName=andrew.uswebhost.com
755 | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
756 | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
757 | Public Key type: rsa
758 | Public Key bits: 2048
759 | Signature Algorithm: sha256WithRSAEncryption
760 | Not valid before: 2019-04-22T00:00:00
761 | Not valid after: 2020-04-21T23:59:59
762 | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
763 |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
764 |_ssl-date: 2019-10-22T11:34:39+00:00; -1s from scanner time.
765 | tls-alpn:
766 | h2
767 | spdy/3
768 | spdy/2
769 |_ http/1.1
770 465/tcp open ssl/smtp syn-ack ttl 56 Exim smtpd 4.92
771 | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
772 |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
773 | ssl-cert: Subject: commonName=andrew.uswebhost.com
774 | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
775 | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
776 | Public Key type: rsa
777 | Public Key bits: 2048
778 | Signature Algorithm: sha256WithRSAEncryption
779 | Not valid before: 2019-04-22T00:00:00
780 | Not valid after: 2020-04-21T23:59:59
781 | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
782 |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
783 |_ssl-date: TLS randomness does not represent time
784 587/tcp open smtp syn-ack ttl 56 Exim smtpd 4.92
785 | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, STARTTLS, HELP,
786 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
787 | ssl-cert: Subject: commonName=andrew.uswebhost.com
788 | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
789 | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
790 | Public Key type: rsa
791 | Public Key bits: 2048
792 | Signature Algorithm: sha256WithRSAEncryption
793 | Not valid before: 2019-04-22T00:00:00
794 | Not valid after: 2020-04-21T23:59:59
795 | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
796 |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
797 |_ssl-date: TLS randomness does not represent time
798 993/tcp open ssl/imaps? syn-ack ttl 56
799 |_ssl-date: TLS randomness does not represent time
800 995/tcp open ssl/pop3s? syn-ack ttl 56
801 |_ssl-date: TLS randomness does not represent time
802 3306/tcp open mysql syn-ack ttl 56 MySQL 5.5.5-10.2.27-MariaDB-cll-lve
803 | mysql-info:
804 | Protocol: 10
805 | Version: 5.5.5-10.2.27-MariaDB-cll-lve
806 | Thread ID: 58267
807 | Capabilities flags: 63486
808 | Some Capabilities: SupportsCompression, FoundRows, InteractiveClient, IgnoreSpaceBeforeParenthesis, IgnoreSigpipes, SupportsLoadDataLocal, Support41Auth, LongColumnFlag, DontAllowDatabaseTableColumn, ConnectWithDatabase, Speaks41ProtocolOld, SupportsTransactions, ODBCClient, Speaks41ProtocolNew, SupportsMultipleStatments, SupportsAuthPlugins, SupportsMultipleResults
809 | Status: Autocommit
810 | Salt: v5@!$2nT:dkjUHK}VvoL
811 |_ Auth Plugin Name: mysql_native_password
812 OS Info: Service Info: Host: andrew.uswebhost.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
813 |_clock-skew: -1s
814 Scanning ip 72.52.244.17 (webmail.fortressoffaith.com.):
815 21/tcp open ftp syn-ack ttl 56 Pure-FTPd
816 53/tcp open domain syn-ack ttl 56 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
817 | dns-nsid:
818 |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
819 80/tcp open http syn-ack ttl 56 LiteSpeed httpd
820 | http-methods:
821 |_ Supported Methods: OPTIONS HEAD GET POST
822 |_http-title: Site doesn't have a title (text/html).
823 110/tcp open pop3 syn-ack ttl 56 Dovecot pop3d
824 143/tcp open imap syn-ack ttl 56 Dovecot imapd
825 |_imap-capabilities: LOGIN-REFERRALS STARTTLS SASL-IR AUTH=LOGINA0001 post-login NAMESPACE have AUTH=PLAIN ID ENABLE OK IMAP4rev1 more IDLE listed capabilities Pre-login LITERAL+
826 443/tcp open ssl/http syn-ack ttl 56 LiteSpeed httpd
827 | http-cookie-flags:
828 | /:
829 | PHPSESSID:
830 |_ httponly flag not set
831 |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E
832 | http-robots.txt: 1 disallowed entry
833 |_/wp-admin/
834 |_http-title: Did not follow redirect to https://bighornhosting.com/
835 | ssl-cert: Subject: commonName=bighornhosting.com
836 | Subject Alternative Name: DNS:bighornhosting.com, DNS:cpanel.bighornhosting.com, DNS:mail.bighornhosting.com, DNS:webdisk.bighornhosting.com, DNS:webmail.bighornhosting.com, DNS:whm.bighornhosting.com, DNS:www.bighornhosting.com
837 | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
838 | Public Key type: rsa
839 | Public Key bits: 2048
840 | Signature Algorithm: sha256WithRSAEncryption
841 | Not valid before: 2019-09-18T02:08:45
842 | Not valid after: 2019-12-17T02:08:45
843 | MD5: d01a 9027 47d9 e638 609d 2c22 c3c4 722c
844 |_SHA-1: b6a1 69c7 f8fc 7d21 9237 3776 009f 080c 07f2 1ebf
845 465/tcp open ssl/smtp syn-ack ttl 56 Exim smtpd 4.92
846 | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
847 |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
848 587/tcp open smtp syn-ack ttl 56 Exim smtpd 4.92
849 | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, STARTTLS, HELP,
850 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
851 993/tcp open ssl/imaps? syn-ack ttl 56
852 995/tcp open ssl/pop3s? syn-ack ttl 56
853 3306/tcp open mysql syn-ack ttl 56 MySQL 5.5.5-10.2.27-MariaDB-cll-lve
854 | mysql-info:
855 | Protocol: 10
856 | Version: 5.5.5-10.2.27-MariaDB-cll-lve
857 | Thread ID: 59305
858 | Capabilities flags: 63486
859 | Some Capabilities: Support41Auth, Speaks41ProtocolOld, SupportsTransactions, IgnoreSpaceBeforeParenthesis, DontAllowDatabaseTableColumn, IgnoreSigpipes, InteractiveClient, Speaks41ProtocolNew, SupportsCompression, ODBCClient, SupportsLoadDataLocal, ConnectWithDatabase, FoundRows, LongColumnFlag, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments
860 | Status: Autocommit
861 | Salt: By\Am&nz:SoVC*HmkT?~
862 |_ Auth Plugin Name: mysql_native_password
863 Device type: general purpose|storage-misc|firewall|webcam
864 Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (93%), Synology DiskStation Manager 5.X (87%), FreeBSD 6.X (86%), WatchGuard Fireware 11.X (86%), Tandberg embedded (86%)
865 OS Info: Service Info: Host: andrew.uswebhost.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
866 WebCrawling domain's web servers... up to 50 max links.
867
868 + URL to crawl: http://ns1.bighornhosting.com
869 + Date: 2019-10-22
870
871 + Crawling URL: http://ns1.bighornhosting.com:
872 + Links:
873 + Crawling http://ns1.bighornhosting.com (timed out)
874 + Searching for directories...
875 + Searching open folders...
876
877
878 + URL to crawl: http://ftp.fortressoffaith.com.
879 + Date: 2019-10-22
880
881 + Crawling URL: http://ftp.fortressoffaith.com.:
882 + Links:
883 + Crawling http://ftp.fortressoffaith.com. (timed out)
884 + Searching for directories...
885 + Searching open folders...
886
887
888 + URL to crawl: https://ns1.bighornhosting.com
889 + Date: 2019-10-22
890
891 + Crawling URL: https://ns1.bighornhosting.com:
892 + Links:
893 + Crawling https://ns1.bighornhosting.com (timed out)
894 + Searching for directories...
895 + Searching open folders...
896
897
898 + URL to crawl: https://ftp.fortressoffaith.com.
899 + Date: 2019-10-22
900
901 + Crawling URL: https://ftp.fortressoffaith.com.:
902 + Links:
903 + Crawling https://ftp.fortressoffaith.com. (timed out)
904 + Searching for directories...
905 + Searching open folders...
906
907
908 + URL to crawl: http://ns2.bighornhosting.com
909 + Date: 2019-10-22
910
911 + Crawling URL: http://ns2.bighornhosting.com:
912 + Links:
913 + Crawling http://ns2.bighornhosting.com (timed out)
914 + Searching for directories...
915 + Searching open folders...
916
917
918 + URL to crawl: https://ns2.bighornhosting.com
919 + Date: 2019-10-22
920
921 + Crawling URL: https://ns2.bighornhosting.com:
922 + Links:
923 + Crawling https://ns2.bighornhosting.com (timed out)
924 + Searching for directories...
925 + Searching open folders...
926
927
928 + URL to crawl: http://www.fortressoffaith.com.
929 + Date: 2019-10-22
930
931 + Crawling URL: http://www.fortressoffaith.com.:
932 + Links:
933 + Crawling http://www.fortressoffaith.com. (timed out)
934 + Searching for directories...
935 + Searching open folders...
936
937
938 + URL to crawl: http://mail.fortressoffaith.com.
939 + Date: 2019-10-22
940
941 + Crawling URL: http://mail.fortressoffaith.com.:
942 + Links:
943 + Crawling http://mail.fortressoffaith.com. (timed out)
944 + Searching for directories...
945 + Searching open folders...
946
947
948 + URL to crawl: http://fortressoffaith.com
949 + Date: 2019-10-22
950
951 + Crawling URL: http://fortressoffaith.com:
952 + Links:
953 + Crawling http://fortressoffaith.com (timed out)
954 + Searching for directories...
955 + Searching open folders...
956
957
958 + URL to crawl: http://webmail.fortressoffaith.com.
959 + Date: 2019-10-22
960
961 + Crawling URL: http://webmail.fortressoffaith.com.:
962 + Links:
963 + Crawling http://webmail.fortressoffaith.com. (timed out)
964 + Searching for directories...
965 + Searching open folders...
966
967
968 + URL to crawl: https://www.fortressoffaith.com.
969 + Date: 2019-10-22
970
971 + Crawling URL: https://www.fortressoffaith.com.:
972 + Links:
973 + Crawling https://www.fortressoffaith.com. (timed out)
974 + Searching for directories...
975 + Searching open folders...
976
977
978 + URL to crawl: https://mail.fortressoffaith.com.
979 + Date: 2019-10-22
980
981 + Crawling URL: https://mail.fortressoffaith.com.:
982 + Links:
983 + Crawling https://mail.fortressoffaith.com. (timed out)
984 + Searching for directories...
985 + Searching open folders...
986
987
988 + URL to crawl: https://fortressoffaith.com
989 + Date: 2019-10-22
990
991 + Crawling URL: https://fortressoffaith.com:
992 + Links:
993 + Crawling https://fortressoffaith.com (timed out)
994 + Searching for directories...
995 + Searching open folders...
996
997
998 + URL to crawl: https://webmail.fortressoffaith.com.
999 + Date: 2019-10-22
1000
1001 + Crawling URL: https://webmail.fortressoffaith.com.:
1002 + Links:
1003 + Crawling https://webmail.fortressoffaith.com. (timed out)
1004 + Searching for directories...
1005 + Searching open folders...
1006
1007--Finished--
1008Summary information for domain fortressoffaith.com.
1009-----------------------------------------
1010
1011 Domain Ips Information:
1012 IP: 72.52.144.226
1013 HostName: ns1.bighornhosting.com Type: NS
1014 HostName: andrew.uswebhost.com Type: PTR
1015 Type: SPF
1016 HostName: ftp.fortressoffaith.com. Type: A
1017 Country: United States
1018 Is Active: True (echo-reply ttl 56)
1019 Port: 21/tcp open ftp syn-ack ttl 56 Pure-FTPd
1020 Script Info: | ssl-cert: Subject: commonName=andrew.uswebhost.com
1021 Script Info: | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
1022 Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
1023 Script Info: | Public Key type: rsa
1024 Script Info: | Public Key bits: 2048
1025 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1026 Script Info: | Not valid before: 2019-04-22T00:00:00
1027 Script Info: | Not valid after: 2020-04-21T23:59:59
1028 Script Info: | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
1029 Script Info: |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
1030 Script Info: |_ssl-date: TLS randomness does not represent time
1031 Port: 53/tcp open domain syn-ack ttl 56 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
1032 Script Info: | dns-nsid:
1033 Script Info: |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
1034 Port: 80/tcp open http syn-ack ttl 56 LiteSpeed httpd
1035 Script Info: | http-methods:
1036 Script Info: |_ Supported Methods: OPTIONS HEAD GET POST
1037 Script Info: |_http-server-header: LiteSpeed
1038 Script Info: |_http-title: Site doesn't have a title (text/html).
1039 Port: 110/tcp open pop3 syn-ack ttl 56 Dovecot pop3d
1040 Script Info: |_pop3-capabilities: USER PIPELINING CAPA RESP-CODES TOP SASL(PLAIN LOGIN) STLS AUTH-RESP-CODE UIDL
1041 Script Info: |_ssl-date: TLS randomness does not represent time
1042 Port: 143/tcp open imap syn-ack ttl 56 Dovecot imapd
1043 Script Info: |_imap-capabilities: STARTTLS AUTH=PLAIN SASL-IR NAMESPACE capabilities IMAP4rev1 post-login Pre-login more have ID AUTH=LOGINA0001 listed IDLE ENABLE LOGIN-REFERRALS LITERAL+ OK
1044 Script Info: |_ssl-date: TLS randomness does not represent time
1045 Port: 443/tcp open ssl/http syn-ack ttl 56 LiteSpeed httpd
1046 Script Info: | http-methods:
1047 Script Info: |_ Supported Methods: OPTIONS HEAD GET POST
1048 Script Info: |_http-server-header: LiteSpeed
1049 Script Info: |_http-title: Site doesn't have a title (text/html).
1050 Script Info: | ssl-cert: Subject: commonName=andrew.uswebhost.com
1051 Script Info: | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
1052 Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
1053 Script Info: | Public Key type: rsa
1054 Script Info: | Public Key bits: 2048
1055 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1056 Script Info: | Not valid before: 2017-06-09T00:00:00
1057 Script Info: | Not valid after: 2018-06-09T23:59:59
1058 Script Info: | MD5: 8e4f acd9 49e8 1ce2 6852 8d9d e6af a499
1059 Script Info: |_SHA-1: 25ae d633 8140 a626 8fa9 c672 a9aa 164a 3cd3 1156
1060 Script Info: |_ssl-date: 2019-10-22T11:31:31+00:00; -1s from scanner time.
1061 Script Info: | tls-alpn:
1062 Script Info: | h2
1063 Script Info: | spdy/3
1064 Script Info: | spdy/2
1065 Script Info: |_ http/1.1
1066 Port: 465/tcp open ssl/smtp syn-ack ttl 56 Exim smtpd 4.92
1067 Script Info: |_smtp-commands: Couldn't establish connection on port 465
1068 Script Info: | ssl-cert: Subject: commonName=andrew.uswebhost.com
1069 Script Info: | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
1070 Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
1071 Script Info: | Public Key type: rsa
1072 Script Info: | Public Key bits: 2048
1073 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1074 Script Info: | Not valid before: 2019-04-22T00:00:00
1075 Script Info: | Not valid after: 2020-04-21T23:59:59
1076 Script Info: | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
1077 Script Info: |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
1078 Script Info: |_ssl-date: TLS randomness does not represent time
1079 Port: 587/tcp open smtp syn-ack ttl 56 Exim smtpd 4.92
1080 Script Info: | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, STARTTLS, HELP,
1081 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1082 Script Info: | ssl-cert: Subject: commonName=andrew.uswebhost.com
1083 Script Info: | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
1084 Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
1085 Script Info: | Public Key type: rsa
1086 Script Info: | Public Key bits: 2048
1087 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1088 Script Info: | Not valid before: 2019-04-22T00:00:00
1089 Script Info: | Not valid after: 2020-04-21T23:59:59
1090 Script Info: | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
1091 Script Info: |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
1092 Script Info: |_ssl-date: TLS randomness does not represent time
1093 Port: 993/tcp open ssl/imaps? syn-ack ttl 56
1094 Script Info: |_ssl-date: TLS randomness does not represent time
1095 Port: 995/tcp open ssl/pop3s? syn-ack ttl 56
1096 Script Info: |_ssl-date: TLS randomness does not represent time
1097 Port: 3306/tcp open mysql syn-ack ttl 56 MySQL 5.5.5-10.2.27-MariaDB-cll-lve
1098 Script Info: | mysql-info:
1099 Script Info: | Protocol: 10
1100 Script Info: | Version: 5.5.5-10.2.27-MariaDB-cll-lve
1101 Script Info: | Thread ID: 57087
1102 Script Info: | Capabilities flags: 63486
1103 Script Info: | Some Capabilities: LongColumnFlag, ODBCClient, ConnectWithDatabase, FoundRows, Speaks41ProtocolOld, SupportsTransactions, IgnoreSigpipes, InteractiveClient, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, DontAllowDatabaseTableColumn, SupportsCompression, SupportsLoadDataLocal, Support41Auth, SupportsMultipleStatments, SupportsMultipleResults, SupportsAuthPlugins
1104 Script Info: | Status: Autocommit
1105 Script Info: | Salt: fUY?k#ga/e1b{fkgBT`f
1106 Script Info: |_ Auth Plugin Name: mysql_native_password
1107 Script Info: Device type: general purpose|WAP|storage-misc|firewall|proxy server|broadband router
1108 Script Info: Running (JUST GUESSING): FreeBSD 6.X (92%), Linux 3.X|4.X|2.6.X (88%), Dell embedded (85%), Cisco embedded (85%), Riverbed embedded (85%), Zhone embedded (85%)
1109 Os Info: Host: andrew.uswebhost.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1110 Script Info: |_clock-skew: -1s
1111 IP: 72.52.244.68
1112 HostName: ns2.bighornhosting.com Type: NS
1113 HostName: andrew.uswebhost.com Type: PTR
1114 Country: United States
1115 Is Active: True (reset ttl 64)
1116 Port: 21/tcp open ftp syn-ack ttl 56 Pure-FTPd
1117 Script Info: | ssl-cert: Subject: commonName=andrew.uswebhost.com
1118 Script Info: | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
1119 Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
1120 Script Info: | Public Key type: rsa
1121 Script Info: | Public Key bits: 2048
1122 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1123 Script Info: | Not valid before: 2019-04-22T00:00:00
1124 Script Info: | Not valid after: 2020-04-21T23:59:59
1125 Script Info: | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
1126 Script Info: |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
1127 Script Info: |_ssl-date: TLS randomness does not represent time
1128 Port: 53/tcp open domain syn-ack ttl 56 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
1129 Script Info: | dns-nsid:
1130 Script Info: |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
1131 Port: 80/tcp open http syn-ack ttl 56 LiteSpeed httpd
1132 Script Info: | http-methods:
1133 Script Info: |_ Supported Methods: OPTIONS HEAD GET POST
1134 Script Info: |_http-server-header: LiteSpeed
1135 Script Info: |_http-title: Site doesn't have a title (text/html).
1136 Port: 110/tcp open pop3 syn-ack ttl 56 Dovecot pop3d
1137 Script Info: |_pop3-capabilities: STLS AUTH-RESP-CODE TOP PIPELINING UIDL USER RESP-CODES CAPA SASL(PLAIN LOGIN)
1138 Script Info: |_ssl-date: TLS randomness does not represent time
1139 Port: 143/tcp open imap syn-ack ttl 56 Dovecot imapd
1140 Script Info: |_imap-capabilities: ID LITERAL+ listed IMAP4rev1 IDLE NAMESPACE LOGIN-REFERRALS post-login Pre-login OK ENABLE have more capabilities STARTTLS SASL-IR AUTH=LOGINA0001 AUTH=PLAIN
1141 Script Info: |_ssl-date: TLS randomness does not represent time
1142 Port: 443/tcp open ssl/http syn-ack ttl 56 LiteSpeed httpd
1143 Script Info: | http-methods:
1144 Script Info: |_ Supported Methods: OPTIONS HEAD GET POST
1145 Script Info: |_http-server-header: LiteSpeed
1146 Script Info: |_http-title: Site doesn't have a title (text/html).
1147 Script Info: | ssl-cert: Subject: commonName=andrew.uswebhost.com
1148 Script Info: | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
1149 Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
1150 Script Info: | Public Key type: rsa
1151 Script Info: | Public Key bits: 2048
1152 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1153 Script Info: | Not valid before: 2019-04-22T00:00:00
1154 Script Info: | Not valid after: 2020-04-21T23:59:59
1155 Script Info: | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
1156 Script Info: |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
1157 Script Info: |_ssl-date: 2019-10-22T11:34:39+00:00; -1s from scanner time.
1158 Script Info: | tls-alpn:
1159 Script Info: | h2
1160 Script Info: | spdy/3
1161 Script Info: | spdy/2
1162 Script Info: |_ http/1.1
1163 Port: 465/tcp open ssl/smtp syn-ack ttl 56 Exim smtpd 4.92
1164 Script Info: | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
1165 Script Info: |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1166 Script Info: | ssl-cert: Subject: commonName=andrew.uswebhost.com
1167 Script Info: | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
1168 Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
1169 Script Info: | Public Key type: rsa
1170 Script Info: | Public Key bits: 2048
1171 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1172 Script Info: | Not valid before: 2019-04-22T00:00:00
1173 Script Info: | Not valid after: 2020-04-21T23:59:59
1174 Script Info: | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
1175 Script Info: |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
1176 Script Info: |_ssl-date: TLS randomness does not represent time
1177 Port: 587/tcp open smtp syn-ack ttl 56 Exim smtpd 4.92
1178 Script Info: | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, STARTTLS, HELP,
1179 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1180 Script Info: | ssl-cert: Subject: commonName=andrew.uswebhost.com
1181 Script Info: | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
1182 Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
1183 Script Info: | Public Key type: rsa
1184 Script Info: | Public Key bits: 2048
1185 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1186 Script Info: | Not valid before: 2019-04-22T00:00:00
1187 Script Info: | Not valid after: 2020-04-21T23:59:59
1188 Script Info: | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
1189 Script Info: |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
1190 Script Info: |_ssl-date: TLS randomness does not represent time
1191 Port: 993/tcp open ssl/imaps? syn-ack ttl 56
1192 Script Info: |_ssl-date: TLS randomness does not represent time
1193 Port: 995/tcp open ssl/pop3s? syn-ack ttl 56
1194 Script Info: |_ssl-date: TLS randomness does not represent time
1195 Port: 3306/tcp open mysql syn-ack ttl 56 MySQL 5.5.5-10.2.27-MariaDB-cll-lve
1196 Script Info: | mysql-info:
1197 Script Info: | Protocol: 10
1198 Script Info: | Version: 5.5.5-10.2.27-MariaDB-cll-lve
1199 Script Info: | Thread ID: 58267
1200 Script Info: | Capabilities flags: 63486
1201 Script Info: | Some Capabilities: SupportsCompression, FoundRows, InteractiveClient, IgnoreSpaceBeforeParenthesis, IgnoreSigpipes, SupportsLoadDataLocal, Support41Auth, LongColumnFlag, DontAllowDatabaseTableColumn, ConnectWithDatabase, Speaks41ProtocolOld, SupportsTransactions, ODBCClient, Speaks41ProtocolNew, SupportsMultipleStatments, SupportsAuthPlugins, SupportsMultipleResults
1202 Script Info: | Status: Autocommit
1203 Script Info: | Salt: v5@!$2nT:dkjUHK}VvoL
1204 Script Info: |_ Auth Plugin Name: mysql_native_password
1205 Os Info: Host: andrew.uswebhost.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1206 Script Info: |_clock-skew: -1s
1207 IP: 72.52.244.17
1208 HostName: fortressoffaith.com Type: MX
1209 HostName: andrew.uswebhost.com Type: PTR
1210 HostName: www.fortressoffaith.com. Type: A
1211 HostName: mail.fortressoffaith.com. Type: A
1212 HostName: webmail.fortressoffaith.com. Type: A
1213 Country: United States
1214 Is Active: True (reset ttl 64)
1215 Port: 21/tcp open ftp syn-ack ttl 56 Pure-FTPd
1216 Port: 53/tcp open domain syn-ack ttl 56 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
1217 Script Info: | dns-nsid:
1218 Script Info: |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
1219 Port: 80/tcp open http syn-ack ttl 56 LiteSpeed httpd
1220 Script Info: | http-methods:
1221 Script Info: |_ Supported Methods: OPTIONS HEAD GET POST
1222 Script Info: |_http-title: Site doesn't have a title (text/html).
1223 Port: 110/tcp open pop3 syn-ack ttl 56 Dovecot pop3d
1224 Port: 143/tcp open imap syn-ack ttl 56 Dovecot imapd
1225 Script Info: |_imap-capabilities: LOGIN-REFERRALS STARTTLS SASL-IR AUTH=LOGINA0001 post-login NAMESPACE have AUTH=PLAIN ID ENABLE OK IMAP4rev1 more IDLE listed capabilities Pre-login LITERAL+
1226 Port: 443/tcp open ssl/http syn-ack ttl 56 LiteSpeed httpd
1227 Script Info: | http-cookie-flags:
1228 Script Info: | /:
1229 Script Info: | PHPSESSID:
1230 Script Info: |_ httponly flag not set
1231 Script Info: |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E
1232 Script Info: | http-robots.txt: 1 disallowed entry
1233 Script Info: |_/wp-admin/
1234 Script Info: |_http-title: Did not follow redirect to https://bighornhosting.com/
1235 Script Info: | ssl-cert: Subject: commonName=bighornhosting.com
1236 Script Info: | Subject Alternative Name: DNS:bighornhosting.com, DNS:cpanel.bighornhosting.com, DNS:mail.bighornhosting.com, DNS:webdisk.bighornhosting.com, DNS:webmail.bighornhosting.com, DNS:whm.bighornhosting.com, DNS:www.bighornhosting.com
1237 Script Info: | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
1238 Script Info: | Public Key type: rsa
1239 Script Info: | Public Key bits: 2048
1240 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1241 Script Info: | Not valid before: 2019-09-18T02:08:45
1242 Script Info: | Not valid after: 2019-12-17T02:08:45
1243 Script Info: | MD5: d01a 9027 47d9 e638 609d 2c22 c3c4 722c
1244 Script Info: |_SHA-1: b6a1 69c7 f8fc 7d21 9237 3776 009f 080c 07f2 1ebf
1245 Port: 465/tcp open ssl/smtp syn-ack ttl 56 Exim smtpd 4.92
1246 Script Info: | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
1247 Script Info: |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1248 Port: 587/tcp open smtp syn-ack ttl 56 Exim smtpd 4.92
1249 Script Info: | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, STARTTLS, HELP,
1250 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1251 Port: 993/tcp open ssl/imaps? syn-ack ttl 56
1252 Port: 995/tcp open ssl/pop3s? syn-ack ttl 56
1253 Port: 3306/tcp open mysql syn-ack ttl 56 MySQL 5.5.5-10.2.27-MariaDB-cll-lve
1254 Script Info: | mysql-info:
1255 Script Info: | Protocol: 10
1256 Script Info: | Version: 5.5.5-10.2.27-MariaDB-cll-lve
1257 Script Info: | Thread ID: 59305
1258 Script Info: | Capabilities flags: 63486
1259 Script Info: | Some Capabilities: Support41Auth, Speaks41ProtocolOld, SupportsTransactions, IgnoreSpaceBeforeParenthesis, DontAllowDatabaseTableColumn, IgnoreSigpipes, InteractiveClient, Speaks41ProtocolNew, SupportsCompression, ODBCClient, SupportsLoadDataLocal, ConnectWithDatabase, FoundRows, LongColumnFlag, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments
1260 Script Info: | Status: Autocommit
1261 Script Info: | Salt: By\Am&nz:SoVC*HmkT?~
1262 Script Info: |_ Auth Plugin Name: mysql_native_password
1263 Script Info: Device type: general purpose|storage-misc|firewall|webcam
1264 Script Info: Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (93%), Synology DiskStation Manager 5.X (87%), FreeBSD 6.X (86%), WatchGuard Fireware 11.X (86%), Tandberg embedded (86%)
1265 Os Info: Host: andrew.uswebhost.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1266#######################################################################################################################################
1267----- fortressoffaith.com -----
1268
1269
1270Host's addresses:
1271__________________
1272
1273fortressoffaith.com. 11399 IN A 72.52.244.17
1274
1275
1276Name Servers:
1277______________
1278
1279ns2.bighornhosting.com. 83399 IN A 72.52.244.68
1280ns1.bighornhosting.com. 84553 IN A 72.52.144.226
1281
1282
1283Mail (MX) Servers:
1284___________________
1285
1286fortressoffaith.com. 11398 IN A 72.52.244.17
1287
1288_______________________________________________
1289
1290ftp.fortressoffaith.com. 12507 IN A 72.52.144.226
1291mail.fortressoffaith.com. 12494 IN CNAME fortressoffaith.com.
1292fortressoffaith.com. 12549 IN A 72.52.244.17
1293webmail.fortressoffaith.com. 12459 IN A 72.52.244.17
1294www.fortressoffaith.com. 12502 IN CNAME fortressoffaith.com.
1295fortressoffaith.com. 12502 IN A 72.52.244.17
1296
1297
1298Launching Whois Queries:
1299_________________________
1300
1301 whois ip result: 72.52.144.0 -> 72.52.128.0/17
1302
1303#######################################################################################################################################
1304AVAILABLE PLUGINS
1305 -----------------
1306
1307 CompressionPlugin
1308 OpenSslCipherSuitesPlugin
1309 HeartbleedPlugin
1310 RobotPlugin
1311 CertificateInfoPlugin
1312 FallbackScsvPlugin
1313 OpenSslCcsInjectionPlugin
1314 HttpHeadersPlugin
1315 SessionRenegotiationPlugin
1316 SessionResumptionPlugin
1317 EarlyDataPlugin
1318
1319
1320
1321 CHECKING HOST(S) AVAILABILITY
1322 -----------------------------
1323
1324 72.52.244.17:443 => 72.52.244.17
1325
1326
1327
1328
1329 SCAN RESULTS FOR 72.52.244.17:443 - 72.52.244.17
1330 ------------------------------------------------
1331
1332 * Deflate Compression:
1333 OK - Compression disabled
1334
1335 * OpenSSL Heartbleed:
1336 OK - Not vulnerable to Heartbleed
1337
1338 * Certificate Information:
1339 Content
1340 SHA1 Fingerprint: b6a169c7f8fc7d2192373776009f080c07f21ebf
1341 Common Name: bighornhosting.com
1342 Issuer: Let's Encrypt Authority X3
1343 Serial Number: 272989317180563932023806509179710043591674
1344 Not Before: 2019-09-18 02:08:45
1345 Not After: 2019-12-17 02:08:45
1346 Signature Algorithm: sha256
1347 Public Key Algorithm: RSA
1348 Key Size: 2048
1349 Exponent: 65537 (0x10001)
1350 DNS Subject Alternative Names: ['bighornhosting.com', 'cpanel.bighornhosting.com', 'mail.bighornhosting.com', 'webdisk.bighornhosting.com', 'webmail.bighornhosting.com', 'whm.bighornhosting.com', 'www.bighornhosting.com']
1351
1352 Trust
1353 Hostname Validation: FAILED - Certificate does NOT match 72.52.244.17
1354 Android CA Store (9.0.0_r9): OK - Certificate is trusted
1355 Apple CA Store (iOS 12, macOS 10.14, watchOS 5, and tvOS 12):OK - Certificate is trusted
1356 Java CA Store (jdk-12.0.1): OK - Certificate is trusted
1357 Mozilla CA Store (2019-03-14): OK - Certificate is trusted
1358 Windows CA Store (2019-05-27): OK - Certificate is trusted
1359 Symantec 2018 Deprecation: WARNING: Certificate distrusted by Google and Mozilla on September 2018
1360 Received Chain: bighornhosting.com --> Let's Encrypt Authority X3
1361 Verified Chain: bighornhosting.com --> Let's Encrypt Authority X3 --> DST Root CA X3
1362 Received Chain Contains Anchor: OK - Anchor certificate not sent
1363 Received Chain Order: OK - Order is valid
1364 Verified Chain contains SHA1: OK - No SHA1-signed certificate in the verified certificate chain
1365
1366 Extensions
1367 OCSP Must-Staple: NOT SUPPORTED - Extension not found
1368 Certificate Transparency: WARNING - Only 2 SCTs included but Google recommends 3 or more
1369
1370 OCSP Stapling
1371 OCSP Response Status: successful
1372 Validation w/ Mozilla Store: OK - Response is trusted
1373 Responder Id: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
1374 Cert Status: good
1375 Cert Serial Number: 03223E560BAB9BF324451A91529F013413FA
1376 This Update: Oct 21 03:00:00 2019 GMT
1377 Next Update: Oct 28 03:00:00 2019 GMT
1378
1379 * TLSV1_1 Cipher Suites:
1380 Server rejected all cipher suites.
1381
1382 * TLSV1 Cipher Suites:
1383 Server rejected all cipher suites.
1384
1385 * Downgrade Attacks:
1386 TLS_FALLBACK_SCSV: OK - Supported
1387
1388 * OpenSSL CCS Injection:
1389 OK - Not vulnerable to OpenSSL CCS injection
1390
1391 * SSLV3 Cipher Suites:
1392 Server rejected all cipher suites.
1393
1394 * SSLV2 Cipher Suites:
1395 Server rejected all cipher suites.
1396
1397 * TLS 1.2 Session Resumption Support:
1398 With Session IDs: PARTIALLY SUPPORTED (4 successful, 1 failed, 0 errors, 5 total attempts).
1399 With TLS Tickets: OK - Supported
1400
1401 * TLSV1_2 Cipher Suites:
1402 Forward Secrecy OK - Supported
1403 RC4 OK - Not Supported
1404
1405 Preferred:
1406 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
1407 Accepted:
1408 TLS_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
1409 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
1410 TLS_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
1411 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
1412 TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
1413 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 256 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
1414 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
1415 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
1416 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
1417 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
1418
1419 * TLSV1_3 Cipher Suites:
1420 Server rejected all cipher suites.
1421
1422 * Session Renegotiation:
1423 Client-initiated Renegotiation: OK - Rejected
1424 Secure Renegotiation: OK - Supported
1425
1426 * ROBOT Attack:
1427 OK - Not vulnerable
1428
1429
1430 SCAN COMPLETED IN 37.66 S
1431 -------------------------
1432#######################################################################################################################################
1433adding 72.52.244.17/32 mode `TCPscan' ports `7,9,11,13,18,19,21-23,25,37,39,42,49,50,53,65,67-70,79-81,88,98,100,105-107,109-111,113,118,119,123,129,135,137-139,143,150,161-164,174,177-179,191,199-202,204,206,209,210,213,220,345,346,347,369-372,389,406,407,422,443-445,487,500,512-514,517,518,520,525,533,538,548,554,563,587,610-612,631-634,636,642,653,655,657,666,706,750-752,765,779,808,873,901,923,941,946,992-995,1001,1023-1030,1080,1210,1214,1234,1241,1334,1349,1352,1423-1425,1433,1434,1524,1525,1645,1646,1649,1701,1718,1719,1720,1723,1755,1812,1813,2048-2050,2101-2104,2140,2150,2233,2323,2345,2401,2430,2431,2432,2433,2583,2628,2776,2777,2988,2989,3050,3130,3150,3232,3306,3389,3456,3493,3542-3545,3632,3690,3801,4000,4400,4321,4567,4899,5002,5136-5139,5150,5151,5222,5269,5308,5354,5355,5422-5425,5432,5503,5555,5556,5678,6000-6007,6346,6347,6543,6544,6789,6838,6666-6670,7000-7009,7028,7100,7983,8079-8082,8088,8787,8879,9090,9101-9103,9325,9359,10000,10026,10027,10067,10080,10081,10167,10498,11201,15345,17001-17003,18753,20011,20012,21554,22273,26274,27374,27444,27573,31335-31338,31787,31789,31790,31791,32668,32767-32780,33390,47262,49301,54320,54321,57341,58008,58009,58666,59211,60000,60006,61000,61348,61466,61603,63485,63808,63809,64429,65000,65506,65530-65535' pps 300
1434using interface(s) eth0
1435added module payload for port 5060 proto 17
1436added module payload for port 1900 proto 17
1437added module payload for port 53 proto 17
1438added module payload for port 80 proto 6
1439added module payload for port 80 proto 6
1440added module payload for port 518 proto 17
1441scaning 1.00e+00 total hosts with 3.38e+02 total packets, should take a little longer than 8 Seconds
1442drone type Unknown on fd 4 is version 1.1
1443drone type Unknown on fd 3 is version 1.1
1444added module payload for port 5060 proto 17
1445added module payload for port 1900 proto 17
1446added module payload for port 53 proto 17
1447added module payload for port 80 proto 6
1448added module payload for port 80 proto 6
1449added module payload for port 518 proto 17
1450scan iteration 1 out of 1
1451using pcap filter: `dst 192.168.0.52 and ! src 192.168.0.52 and (tcp)'
1452using TSC delay
1453sender statistics 299.8 pps with 338 packets sent total
1454listener statistics 94 packets recieved 0 packets droped and 0 interface drops
1455#######################################################################################################################################
1456Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-22 07:54 EDT
1457Nmap scan report for andrew.uswebhost.com (72.52.244.17)
1458Host is up (0.14s latency).
1459Not shown: 2 filtered ports
1460PORT STATE SERVICE
146153/udp open domain
146267/udp open|filtered dhcps
146368/udp open|filtered dhcpc
146469/udp open|filtered tftp
146588/udp open|filtered kerberos-sec
1466123/udp open|filtered ntp
1467139/udp open|filtered netbios-ssn
1468161/udp open|filtered snmp
1469162/udp open|filtered snmptrap
1470389/udp open|filtered ldap
1471500/udp open|filtered isakmp
1472520/udp open|filtered route
14732049/udp open|filtered nfs
1474
1475Nmap done: 1 IP address (1 host up) scanned in 2.56 seconds
1476######################################################################################################################################
1477Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-22 07:31 EDT
1478Nmap scan report for andrew.uswebhost.com (72.52.244.17)
1479Host is up (0.32s latency).
1480Not shown: 928 filtered ports, 60 closed ports
1481PORT STATE SERVICE VERSION
148221/tcp open ftp Pure-FTPd
148353/tcp open domain ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
148480/tcp open http LiteSpeed httpd
1485110/tcp open pop3 Dovecot pop3d
1486143/tcp open imap Dovecot imapd
1487443/tcp open ssl/http LiteSpeed httpd
1488465/tcp open ssl/smtp Exim smtpd 4.92
1489587/tcp open smtp Exim smtpd 4.92
1490993/tcp open ssl/imaps?
1491995/tcp open ssl/pop3s?
14922200/tcp open ssh OpenSSH 7.4 (protocol 2.0)
14933306/tcp open mysql MySQL 5.5.5-10.2.27-MariaDB-cll-lve
1494Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1495#######################################################################################################################################
1496https://fortressoffaith.com/ [200 OK] Country[UNITED STATES][US], Google-Analytics[Universal][UA-113358977-1], HTML5, HTTPServer[LiteSpeed], IP[72.52.244.17], JQuery, LiteSpeed, MetaGenerator[WordPress 5.2.4], PHP[7.0.33], Script[text/javascript], Title[Fortress of Faith – Refuting Islam], UncommonHeaders[access-control-allow-origin,link,x-litespeed-cache,alt-svc], WordPress[5.2.4], X-Powered-By[PHP/7.0.33], X-UA-Compatible[IE=edge]
1497#######################################################################################################################################
1498[+] URL: https://fortressoffaith.com/
1499[+] Started: Tue Oct 22 07:04:11 2019
1500
1501Interesting Finding(s):
1502
1503[+] https://fortressoffaith.com/
1504 | Interesting Entries:
1505 | - x-powered-by: PHP/7.0.33
1506 | - access-control-allow-origin: *
1507 | - x-ua-compatible: IE=edge
1508 | - x-litespeed-cache: hit
1509 | - server: LiteSpeed
1510 | - alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
1511 | Found By: Headers (Passive Detection)
1512 | Confidence: 100%
1513
1514[+] https://fortressoffaith.com/robots.txt
1515 | Interesting Entries:
1516 | - /wp-admin/
1517 | - /wp-admin/admin-ajax.php
1518 | Found By: Robots Txt (Aggressive Detection)
1519 | Confidence: 100%
1520
1521[+] https://fortressoffaith.com/xmlrpc.php
1522 | Found By: Direct Access (Aggressive Detection)
1523 | Confidence: 100%
1524 | References:
1525 | - http://codex.wordpress.org/XML-RPC_Pingback_API
1526 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
1527 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
1528 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
1529 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
1530
1531[+] https://fortressoffaith.com/readme.html
1532 | Found By: Direct Access (Aggressive Detection)
1533 | Confidence: 100%
1534
1535[+] This site has 'Must Use Plugins': https://fortressoffaith.com/wp-content/mu-plugins/
1536 | Found By: Direct Access (Aggressive Detection)
1537 | Confidence: 80%
1538 | Reference: http://codex.wordpress.org/Must_Use_Plugins
1539
1540[+] Upload directory has listing enabled: https://fortressoffaith.com/wp-content/uploads/
1541 | Found By: Direct Access (Aggressive Detection)
1542 | Confidence: 100%
1543
1544[+] https://fortressoffaith.com/wp-cron.php
1545 | Found By: Direct Access (Aggressive Detection)
1546 | Confidence: 60%
1547 | References:
1548 | - https://www.iplocation.net/defend-wordpress-from-ddos
1549 | - https://github.com/wpscanteam/wpscan/issues/1299
1550
1551[+] WordPress version 5.2.4 identified (Latest, released on 2019-10-14).
1552 | Detected By: Emoji Settings (Passive Detection)
1553 | - https://fortressoffaith.com/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.2.4'
1554 | Confirmed By: Meta Generator (Passive Detection)
1555 | - https://fortressoffaith.com/, Match: 'WordPress 5.2.4'
1556
1557[+] WordPress theme in use: generatepress
1558 | Location: https://fortressoffaith.com/wp-content/themes/generatepress/
1559 | Latest Version: 2.3.2 (up to date)
1560 | Last Updated: 2019-06-25T00:00:00.000Z
1561 | Readme: https://fortressoffaith.com/wp-content/themes/generatepress/readme.txt
1562 | Style URL: https://fortressoffaith.com/wp-content/themes/generatepress/style.css
1563 | Style Name: GeneratePress
1564 | Style URI: https://generatepress.com
1565 | Description: GeneratePress is a lightweight WordPress theme built with a focus on speed and usability. Performanc...
1566 | Author: Tom Usborne
1567 | Author URI: https://tomusborne.com
1568 |
1569 | Detected By: Urls In Homepage (Passive Detection)
1570 |
1571 | Version: 2.3.2 (80% confidence)
1572 | Detected By: Style (Passive Detection)
1573 | - https://fortressoffaith.com/wp-content/themes/generatepress/style.css, Match: 'Version: 2.3.2'
1574
1575[+] Enumerating All Plugins (via Passive Methods)
1576[+] Checking Plugin Versions (via Passive and Aggressive Methods)
1577
1578[i] Plugin(s) Identified:
1579
1580[+] cuepro
1581 | Location: https://fortressoffaith.com/wp-content/plugins/cuepro/
1582 |
1583 | Detected By: Urls In Homepage (Passive Detection)
1584 |
1585 | The version could not be determined.
1586
1587[+] elementor
1588 | Location: https://fortressoffaith.com/wp-content/plugins/elementor/
1589 | Latest Version: 2.7.4 (up to date)
1590 | Last Updated: 2019-10-06T13:05:00.000Z
1591 |
1592 | Detected By: Urls In Homepage (Passive Detection)
1593 |
1594 | Version: 2.7.4 (100% confidence)
1595 | Detected By: Query Parameter (Passive Detection)
1596 | - https://fortressoffaith.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.7.4
1597 | - https://fortressoffaith.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.7.4
1598 | Confirmed By: Readme - Stable Tag (Aggressive Detection)
1599 | - https://fortressoffaith.com/wp-content/plugins/elementor/readme.txt
1600
1601[+] elementor-pro
1602 | Location: https://fortressoffaith.com/wp-content/plugins/elementor-pro/
1603 |
1604 | Detected By: Urls In Homepage (Passive Detection)
1605 |
1606 | The version could not be determined.
1607
1608[+] feedburner-alternative-and-rss-redirect
1609 | Location: https://fortressoffaith.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/
1610 | Latest Version: 2.3 (up to date)
1611 | Last Updated: 2019-10-02T13:01:00.000Z
1612 |
1613 | Detected By: Urls In Homepage (Passive Detection)
1614 |
1615 | Version: 2.3 (100% confidence)
1616 | Detected By: Readme - Stable Tag (Aggressive Detection)
1617 | - https://fortressoffaith.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/readme.txt
1618 | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
1619 | - https://fortressoffaith.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/readme.txt
1620
1621[+] maticpress-client
1622 | Location: https://fortressoffaith.com/wp-content/plugins/maticpress-client/
1623 |
1624 | Detected By: Urls In Homepage (Passive Detection)
1625 |
1626 | The version could not be determined.
1627
1628[+] Enumerating Config Backups (via Passive and Aggressive Methods)
1629 Checking Config Backups - Time: 00:00:12 <=============> (21 / 21) 100.00% Time: 00:00:12
1630
1631[i] No Config Backups Found.
1632
1633[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
1634[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
1635
1636[+] Finished: Tue Oct 22 07:05:12 2019
1637[+] Requests Done: 70
1638[+] Cached Requests: 6
1639[+] Data Sent: 19.748 KB
1640[+] Data Received: 467.155 KB
1641[+] Memory used: 133.723 MB
1642[+] Elapsed time: 00:01:01
1643#######################################################################################################################################
1644[+] URL: https://fortressoffaith.com/
1645[+] Started: Tue Oct 22 07:04:14 2019
1646
1647Interesting Finding(s):
1648
1649[+] https://fortressoffaith.com/
1650 | Interesting Entries:
1651 | - x-powered-by: PHP/7.0.33
1652 | - access-control-allow-origin: *
1653 | - x-ua-compatible: IE=edge
1654 | - x-litespeed-cache: hit
1655 | - server: LiteSpeed
1656 | - alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
1657 | Found By: Headers (Passive Detection)
1658 | Confidence: 100%
1659
1660[+] https://fortressoffaith.com/robots.txt
1661 | Interesting Entries:
1662 | - /wp-admin/
1663 | - /wp-admin/admin-ajax.php
1664 | Found By: Robots Txt (Aggressive Detection)
1665 | Confidence: 100%
1666
1667[+] https://fortressoffaith.com/xmlrpc.php
1668 | Found By: Direct Access (Aggressive Detection)
1669 | Confidence: 100%
1670 | References:
1671 | - http://codex.wordpress.org/XML-RPC_Pingback_API
1672 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
1673 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
1674 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
1675 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
1676
1677[+] https://fortressoffaith.com/readme.html
1678 | Found By: Direct Access (Aggressive Detection)
1679 | Confidence: 100%
1680
1681[+] This site has 'Must Use Plugins': https://fortressoffaith.com/wp-content/mu-plugins/
1682 | Found By: Direct Access (Aggressive Detection)
1683 | Confidence: 80%
1684 | Reference: http://codex.wordpress.org/Must_Use_Plugins
1685
1686[+] Upload directory has listing enabled: https://fortressoffaith.com/wp-content/uploads/
1687 | Found By: Direct Access (Aggressive Detection)
1688 | Confidence: 100%
1689
1690[+] https://fortressoffaith.com/wp-cron.php
1691 | Found By: Direct Access (Aggressive Detection)
1692 | Confidence: 60%
1693 | References:
1694 | - https://www.iplocation.net/defend-wordpress-from-ddos
1695 | - https://github.com/wpscanteam/wpscan/issues/1299
1696
1697[+] WordPress version 5.2.4 identified (Latest, released on 2019-10-14).
1698 | Detected By: Emoji Settings (Passive Detection)
1699 | - https://fortressoffaith.com/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.2.4'
1700 | Confirmed By: Meta Generator (Passive Detection)
1701 | - https://fortressoffaith.com/, Match: 'WordPress 5.2.4'
1702
1703[+] WordPress theme in use: generatepress
1704 | Location: https://fortressoffaith.com/wp-content/themes/generatepress/
1705 | Latest Version: 2.3.2 (up to date)
1706 | Last Updated: 2019-06-25T00:00:00.000Z
1707 | Readme: https://fortressoffaith.com/wp-content/themes/generatepress/readme.txt
1708 | Style URL: https://fortressoffaith.com/wp-content/themes/generatepress/style.css
1709 | Style Name: GeneratePress
1710 | Style URI: https://generatepress.com
1711 | Description: GeneratePress is a lightweight WordPress theme built with a focus on speed and usability. Performanc...
1712 | Author: Tom Usborne
1713 | Author URI: https://tomusborne.com
1714 |
1715 | Detected By: Urls In Homepage (Passive Detection)
1716 |
1717 | Version: 2.3.2 (80% confidence)
1718 | Detected By: Style (Passive Detection)
1719 | - https://fortressoffaith.com/wp-content/themes/generatepress/style.css, Match: 'Version: 2.3.2'
1720
1721[+] Enumerating Users (via Passive and Aggressive Methods)
1722 Brute Forcing Author IDs - Time: 00:00:07 <==> (10 / 10) 100.00% Time: 00:00:07
1723
1724[i] User(s) Identified:
1725
1726[+] pcoovert
1727 | Detected By: Wp Json Api (Aggressive Detection)
1728 | - https://fortressoffaith.com/wp-json/wp/v2/users/?per_page=100&page=1
1729 | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
1730
1731[+] admin
1732 | Detected By: Wp Json Api (Aggressive Detection)
1733 | - https://fortressoffaith.com/wp-json/wp/v2/users/?per_page=100&page=1
1734 | Confirmed By:
1735 | Oembed API - Author URL (Aggressive Detection)
1736 | - https://fortressoffaith.com/wp-json/oembed/1.0/embed?url=https://fortressoffaith.com/&format=json
1737 | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
1738
1739[+] josh
1740 | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
1741
1742[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
1743[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
1744
1745[+] Finished: Tue Oct 22 07:05:05 2019
1746[+] Requests Done: 40
1747[+] Cached Requests: 19
1748[+] Data Sent: 13.985 KB
1749[+] Data Received: 321.54 KB
1750[+] Memory used: 114.797 MB
1751[+] Elapsed time: 00:00:51
1752#######################################################################################################################################
1753[+] URL: https://fortressoffaith.com/
1754[+] Started: Tue Oct 22 07:07:05 2019
1755
1756Interesting Finding(s):
1757
1758[+] https://fortressoffaith.com/
1759 | Interesting Entries:
1760 | - x-powered-by: PHP/7.0.33
1761 | - access-control-allow-origin: *
1762 | - x-ua-compatible: IE=edge
1763 | - x-litespeed-cache: hit
1764 | - server: LiteSpeed
1765 | - alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
1766 | Found By: Headers (Passive Detection)
1767 | Confidence: 100%
1768
1769[+] https://fortressoffaith.com/robots.txt
1770 | Interesting Entries:
1771 | - /wp-admin/
1772 | - /wp-admin/admin-ajax.php
1773 | Found By: Robots Txt (Aggressive Detection)
1774 | Confidence: 100%
1775
1776[+] https://fortressoffaith.com/xmlrpc.php
1777 | Found By: Direct Access (Aggressive Detection)
1778 | Confidence: 100%
1779 | References:
1780 | - http://codex.wordpress.org/XML-RPC_Pingback_API
1781 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
1782 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
1783 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
1784 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
1785
1786[+] https://fortressoffaith.com/readme.html
1787 | Found By: Direct Access (Aggressive Detection)
1788 | Confidence: 100%
1789
1790[+] This site has 'Must Use Plugins': https://fortressoffaith.com/wp-content/mu-plugins/
1791 | Found By: Direct Access (Aggressive Detection)
1792 | Confidence: 80%
1793 | Reference: http://codex.wordpress.org/Must_Use_Plugins
1794
1795[+] Upload directory has listing enabled: https://fortressoffaith.com/wp-content/uploads/
1796 | Found By: Direct Access (Aggressive Detection)
1797 | Confidence: 100%
1798
1799[+] https://fortressoffaith.com/wp-cron.php
1800 | Found By: Direct Access (Aggressive Detection)
1801 | Confidence: 60%
1802 | References:
1803 | - https://www.iplocation.net/defend-wordpress-from-ddos
1804 | - https://github.com/wpscanteam/wpscan/issues/1299
1805
1806[+] WordPress version 5.2.4 identified (Latest, released on 2019-10-14).
1807 | Detected By: Emoji Settings (Passive Detection)
1808 | - https://fortressoffaith.com/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.2.4'
1809 | Confirmed By: Meta Generator (Passive Detection)
1810 | - https://fortressoffaith.com/, Match: 'WordPress 5.2.4'
1811
1812[+] WordPress theme in use: generatepress
1813 | Location: https://fortressoffaith.com/wp-content/themes/generatepress/
1814 | Latest Version: 2.3.2 (up to date)
1815 | Last Updated: 2019-06-25T00:00:00.000Z
1816 | Readme: https://fortressoffaith.com/wp-content/themes/generatepress/readme.txt
1817 | Style URL: https://fortressoffaith.com/wp-content/themes/generatepress/style.css
1818 | Style Name: GeneratePress
1819 | Style URI: https://generatepress.com
1820 | Description: GeneratePress is a lightweight WordPress theme built with a focus on speed and usability. Performanc...
1821 | Author: Tom Usborne
1822 | Author URI: https://tomusborne.com
1823 |
1824 | Detected By: Urls In Homepage (Passive Detection)
1825 |
1826 | Version: 2.3.2 (80% confidence)
1827 | Detected By: Style (Passive Detection)
1828 | - https://fortressoffaith.com/wp-content/themes/generatepress/style.css, Match: 'Version: 2.3.2'
1829
1830[+] Enumerating Users (via Passive and Aggressive Methods)
1831 Brute Forcing Author IDs - Time: 00:00:02 <============> (10 / 10) 100.00% Time: 00:00:02
1832
1833[i] User(s) Identified:
1834
1835[+] pcoovert
1836 | Detected By: Wp Json Api (Aggressive Detection)
1837 | - https://fortressoffaith.com/wp-json/wp/v2/users/?per_page=100&page=1
1838 | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
1839
1840[+] admin
1841 | Detected By: Wp Json Api (Aggressive Detection)
1842 | - https://fortressoffaith.com/wp-json/wp/v2/users/?per_page=100&page=1
1843 | Confirmed By:
1844 | Oembed API - Author URL (Aggressive Detection)
1845 | - https://fortressoffaith.com/wp-json/oembed/1.0/embed?url=https://fortressoffaith.com/&format=json
1846 | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
1847
1848[+] josh
1849 | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
1850
1851[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
1852[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
1853
1854[+] Finished: Tue Oct 22 07:07:14 2019
1855[+] Requests Done: 16
1856[+] Cached Requests: 43
1857[+] Data Sent: 4.43 KB
1858[+] Data Received: 50.064 KB
1859[+] Memory used: 113.871 MB
1860[+] Elapsed time: 00:00:09
1861#######################################################################################################################################
1862[INFO] ------TARGET info------
1863[*] TARGET: https://fortressoffaith.com/
1864[*] TARGET IP: 72.52.244.17
1865[INFO] NO load balancer detected for fortressoffaith.com...
1866[*] DNS servers: ns1.bighornhosting.com.
1867[*] TARGET server: LiteSpeed
1868[*] CC: US
1869[*] Country: United States
1870[*] RegionCode: MI
1871[*] RegionName: Michigan
1872[*] City: Lansing
1873[*] ASN: AS32244
1874[*] BGP_PREFIX: 72.52.128.0/17
1875[*] ISP: LIQUIDWEB - Liquid Web, L.L.C, US
1876[INFO] SSL/HTTPS certificate detected
1877[*] Issuer: issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
1878[*] Subject: subject=CN = fortressoffaith.com
1879[ALERT] Let's Encrypt is commonly used for Phishing
1880[INFO] DNS enumeration:
1881[*] ftp.fortressoffaith.com 72.52.144.226
1882[*] mail.fortressoffaith.com fortressoffaith.com. 72.52.244.17
1883[*] webmail.fortressoffaith.com 72.52.244.17
1884[INFO] Possible abuse mails are:
1885[*] abuse@fortressoffaith.com
1886[*] abuse@sourcedns.com
1887[*] admin@sourcedns.com
1888[*] ipadmin@liquidweb.com
1889[*] lisa@webclickhosting.com
1890[INFO] NO PAC (Proxy Auto Configuration) file FOUND
1891[ALERT] robots.txt file FOUND in http://fortressoffaith.com/robots.txt
1892[INFO] Checking for HTTP status codes recursively from http://fortressoffaith.com/robots.txt
1893[INFO] Status code Folders
1894[*] 200 http://fortressoffaith.com/wp-admin/
1895[INFO] Starting FUZZing in http://fortressoffaith.com/FUzZzZzZzZz...
1896[INFO] Status code Folders
1897[*] 200 http://fortressoffaith.com/news
1898[ALERT] Look in the source code. It may contain passwords
1899[INFO] Links found from https://fortressoffaith.com/ http://72.52.244.17/:
1900[*] http://72.52.244.17/cgi-sys/defaultwebpage.cgi
1901[*] http://fortressoffaith.sermon.net/21099434
1902[*] http://fortressoffaith.sermon.net/21099740
1903[*] http://fortressoffaith.sermon.net/rss/main/audio
1904[*] https://crm.fundly.com/6609/Pages/fundraising/#/5
1905[*] https://fortressoffaith.com/
1906[*] https://fortressoffaith.com/apologetic-responses/
1907[*] https://fortressoffaith.com/articles-by-category/
1908[*] https://fortressoffaith.com/contact/
1909[*] https://fortressoffaith.com/#content
1910[*] https://fortressoffaith.com/daily-articles-2/
1911[*] https://fortressoffaith.com/elementor-11586/
1912[*] https://fortressoffaith.com/evangelizing-muslims/
1913[*] https://fortressoffaith.com/feed/
1914[*] https://fortressoffaith.com/in-the-news/
1915[*] https://fortressoffaith.com/islam-and-pedophilia/
1916[*] https://fortressoffaith.com/islam-in-proficy/
1917[*] https://fortressoffaith.com/islam-terrorism/
1918[*] https://fortressoffaith.com/islam-the-religion/
1919[*] https://fortressoffaith.com/muslims-the-people/
1920[*] https://fortressoffaith.com/newsletter-subscribe/
1921[*] https://fortressoffaith.com/other-issues/
1922[*] https://fortressoffaith.com/privacy-policy/
1923[*] https://fortressoffaith.com/radio-2/
1924[*] https://fortressoffaith.com/study/
1925[*] https://fortressoffaith.com/terms-conditions/
1926[*] https://fortressoffaith.com/when-muslims-play-the-race-card/
1927[*] https://fortressoffaith.com/wp-json/oembed/1.0/embed?url=https://fortressoffaith.com/
1928[*] https://fortressoffaith.com/wp-json/oembed/1.0/embed?url=https://fortressoffaith.com/&format=xml
1929[*] https://play.google.com/store/apps/details?id=com.mobincube.fortress_of_faith.sc_DWXU1A
1930[*] http://www.fortressoffaith.org/
1931[INFO] GOOGLE has 294,000 results (0.20 seconds) about http://fortressoffaith.com/
1932[INFO] Shodan detected the following opened ports on 72.52.244.17:
1933[*] 1
1934[*] 110
1935[*] 143
1936[*] 2082
1937[*] 2083
1938[*] 2086
1939[*] 2087
1940[*] 21
1941[*] 3306
1942[*] 4
1943[*] 443
1944[*] 53
1945[*] 587
1946[*] 80
1947[*] 993
1948[*] 995
1949[INFO] ------VirusTotal SECTION------
1950[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
1951[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
1952[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
1953[INFO] ------Alexa Rank SECTION------
1954[INFO] Percent of Visitors Rank in Country:
1955[INFO] Percent of Search Traffic:
1956[INFO] Percent of Unique Visits:
1957[INFO] Total Sites Linking In:
1958[*] Total Sites
1959[INFO] Useful links related to fortressoffaith.com - 72.52.244.17:
1960[*] https://www.virustotal.com/pt/ip-address/72.52.244.17/information/
1961[*] https://www.hybrid-analysis.com/search?host=72.52.244.17
1962[*] https://www.shodan.io/host/72.52.244.17
1963[*] https://www.senderbase.org/lookup/?search_string=72.52.244.17
1964[*] https://www.alienvault.com/open-threat-exchange/ip/72.52.244.17
1965[*] http://pastebin.com/search?q=72.52.244.17
1966[*] http://urlquery.net/search.php?q=72.52.244.17
1967[*] http://www.alexa.com/siteinfo/fortressoffaith.com
1968[*] http://www.google.com/safebrowsing/diagnostic?site=fortressoffaith.com
1969[*] https://censys.io/ipv4/72.52.244.17
1970[*] https://www.abuseipdb.com/check/72.52.244.17
1971[*] https://urlscan.io/search/#72.52.244.17
1972[*] https://github.com/search?q=72.52.244.17&type=Code
1973[INFO] Useful links related to AS32244 - 72.52.128.0/17:
1974[*] http://www.google.com/safebrowsing/diagnostic?site=AS:32244
1975[*] https://www.senderbase.org/lookup/?search_string=72.52.128.0/17
1976[*] http://bgp.he.net/AS32244
1977[*] https://stat.ripe.net/AS32244
1978[INFO] Date: 22/10/19 | Time: 07:09:58
1979[INFO] Total time: 1 minute(s) and 56 second(s)
1980#######################################################################################################################################
1981[-] Target: https://fortressoffaith.com (72.52.244.17)
1982[I] Server: LiteSpeed
1983[I] X-Powered-By: PHP/7.0.33
1984[L] X-Frame-Options: Not Enforced
1985[I] Strict-Transport-Security: Not Enforced
1986[I] X-Content-Security-Policy: Not Enforced
1987[I] X-Content-Type-Options: Not Enforced
1988[L] Robots.txt Found: https://fortressoffaith.com/robots.txt
1989[I] CMS Detection: WordPress
1990[I] Wordpress Version: 5.2.4
1991[I] Wordpress Theme: generatepress
1992[-] WordPress usernames identified:
1993[M] Josh Rodriguez
1994[M] Pierre Coovert
1995[M] Tom Wallace
1996[M] admin
1997[M] josh
1998[M] pcoovert
1999[M] XML-RPC services are enabled
2000[M] Website vulnerable to XML-RPC Brute Force Vulnerability
2001[I] Autocomplete Off Not Found: https://fortressoffaith.com/wp-login.php
2002[-] Default WordPress Files:
2003[I] https://fortressoffaith.com/license.txt
2004[I] https://fortressoffaith.com/readme.html
2005[I] https://fortressoffaith.com/wp-content/themes/twentynineteen/readme.txt
2006[I] https://fortressoffaith.com/wp-includes/ID3/license.commercial.txt
2007[I] https://fortressoffaith.com/wp-includes/ID3/license.txt
2008[I] https://fortressoffaith.com/wp-includes/ID3/readme.txt
2009[I] https://fortressoffaith.com/wp-includes/images/crystal/license.txt
2010[I] https://fortressoffaith.com/wp-includes/js/plupload/license.txt
2011[I] https://fortressoffaith.com/wp-includes/js/swfupload/license.txt
2012[I] https://fortressoffaith.com/wp-includes/js/tinymce/license.txt
2013[-] Searching Wordpress Plugins ...
2014[I] advanced-uploader v3.2
2015[M] EDB-ID: 38867 "WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities"
2016[I] cuepro
2017[I] elementor v2.7.4
2018[I] elementor-pro
2019[I] feed
2020[M] EDB-ID: 38624 "WordPress Plugin WP Feed - 'nid' SQL Injection"
2021[I] feedburner-alternative-and-rss-redirect v2.3
2022[I] maticpress-client
2023[I] woocommerce v3.4.0
2024[M] EDB-ID: 43196 "WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal"
2025[I] Checking for Directory Listing Enabled ...
2026[L] https://fortressoffaith.com/wp-admin/css
2027[L] https://fortressoffaith.com/wp-admin/images
2028[L] https://fortressoffaith.com/wp-admin/includes
2029[L] https://fortressoffaith.com/wp-admin/js
2030[L] https://fortressoffaith.com/wp-admin/maint
2031[L] https://fortressoffaith.com/wp-includes
2032[L] https://fortressoffaith.com/wp-includes/ID3
2033[L] https://fortressoffaith.com/wp-includes/IXR
2034[L] https://fortressoffaith.com/wp-includes/Requests
2035[L] https://fortressoffaith.com/wp-includes/SimplePie
2036[L] https://fortressoffaith.com/wp-includes/Text
2037[L] https://fortressoffaith.com/wp-includes/blocks
2038[L] https://fortressoffaith.com/wp-includes/certificates
2039[L] https://fortressoffaith.com/wp-includes/css
2040[L] https://fortressoffaith.com/wp-includes/customize
2041[L] https://fortressoffaith.com/wp-includes/fonts
2042[L] https://fortressoffaith.com/wp-includes/images
2043[L] https://fortressoffaith.com/wp-includes/js
2044[L] https://fortressoffaith.com/wp-includes/pomo
2045[L] https://fortressoffaith.com/wp-includes/random_compat
2046[L] https://fortressoffaith.com/wp-includes/rest-api
2047[L] https://fortressoffaith.com/wp-includes/sodium_compat
2048[L] https://fortressoffaith.com/wp-includes/theme-compat
2049[L] https://fortressoffaith.com/wp-includes/widgets
2050[L] https://fortressoffaith.com/wp-content/plugins/advanced-uploader
2051[L] https://fortressoffaith.com/wp-content/plugins/cuepro
2052[L] https://fortressoffaith.com/wp-content/plugins/elementor
2053[L] https://fortressoffaith.com/wp-content/plugins/elementor-pro
2054[L] https://fortressoffaith.com/wp-content/plugins/feedburner-alternative-and-rss-redirect
2055[L] https://fortressoffaith.com/wp-content/plugins/woocommerce
2056[-] Date & Time: 22/10/2019 07:26:10
2057[-] Completed in: 0:21:46
2058#######################################################################################################################################
2059 Anonymous JTSEC #OpDomesticTerrorism Full Recon #5